locked
SharePoint - How to restrict user in deleting and editing other than their own files in share document RRS feed

  • Question

  • there are 75 users accessing the shared document in SharePoint. The permission I granted to them is contribute so they can upload, delete and edit. But I would like to add restriction to not allow them to delete and edit other files owned by other users in the shared document. How would I do that? Need help. 

    Please note that the 75 users are in one user group link to Active Directory. so manually adding and editing each user is never an option. 

    Friday, August 23, 2013 4:35 AM

Answers

  • You can do this... but will have to write some code.

    Basically you need to create an feature which contains an event handler for the event ItemAdded.

    In the event hander. you will break the inheritance of permissions on the item which was inserted and replace that with permissions where the owner of the document has full permissions and your AD group has read permissions.

    Everytime an item is inserted your event will be fired and the permissions will be set correctly on the document.


    val it: unit=()

    • Marked as answer by splabel Friday, August 23, 2013 6:28 AM
    Friday, August 23, 2013 5:21 AM

All replies

  • You can do this... but will have to write some code.

    Basically you need to create an feature which contains an event handler for the event ItemAdded.

    In the event hander. you will break the inheritance of permissions on the item which was inserted and replace that with permissions where the owner of the document has full permissions and your AD group has read permissions.

    Everytime an item is inserted your event will be fired and the permissions will be set correctly on the document.


    val it: unit=()

    • Marked as answer by splabel Friday, August 23, 2013 6:28 AM
    Friday, August 23, 2013 5:21 AM
  • You can do this... but will have to write some code.

    Basically you need to create an feature which contains an event handler for the event ItemAdded.

    In the event hander. you will break the inheritance of permissions on the item which was inserted and replace that with permissions where the owner of the document has full permissions and your AD group has read permissions.

    Everytime an item is inserted your event will be fired and the permissions will be set correctly on the document.


    val it: unit=()

    Thank you. Can you please advise where and what code to use? I'm really new at SharePoint and learning it step by step. 
    Friday, August 23, 2013 6:29 AM
  • Creating fine-grained permissions like this will eventually become messy.

    It would be far better to train the users and set a governance policy about who is allowed to delete which documents. Assign a person to be a supervisor of the library and let them subscribe to alerts, so they get notified when an item is deleted. The supervisor can then handle the education bit with the users.

    Deleted files will be in the site recycle bin for 30 days, and after that in the site collection recycle bin for another 30 days. That is a fairly long time frame to restore accidentally deleted items.

    I strongly believe in user education and making the user understand what to do and why to do it, rather than create code that keeps the users dumb and powerless.



    cheers, teylyn
    www.teylyn.com

    • Proposed as answer by yogesh sainee Saturday, August 24, 2013 5:21 PM
    Friday, August 23, 2013 10:36 AM
  • http://msdn.microsoft.com/en-us/library/ms437502(v=office.14).aspx

    But do pay attention to @Terlyn's response below. she is right in saying that the deletion issue can be resolved by user eduction rather than enforcing item level permissions.


    val it: unit=()

    Saturday, August 24, 2013 5:02 AM