none
Visitor Permission: Edit, but NOT delete RRS feed

  • Question

  • I have a contacts list in Sharepoint that clients will have access to. I want them to be able to add/edit their contact info, but not delete the previous contacts. When they get contributors' access, they can delete, but without it, they can't add.
    Is there a way to take out the delete option?
    Also, is there a way to expire older contacts, but not delete?
    Monday, July 20, 2009 9:21 PM

Answers

  • Kabad, don't propose your own answers.  Let other people do that.  I was going to propose it for you, but I can't.

    Baha Man, do what kabad said, except add these steps after step 5:
    - After clicking Site Permissions, click Settings > Permission Levels
    - Click on the Contribute permission level (do not edit this under any circumstance!!!)
    - Scroll to the bottom and click Copy Permission Level
    - Name the copied permission level something like ContributeNoDelete and maybe give it an explicit description saying what that permission level can do and can't do
    - DE-SELECT the checkboxes for Delete Items _and_ for Delete Versions (and anything else you want to remove, but be careful)
    - Click Create and notice you have a new permission level
    - Apply this permission level to users or groups as needed
    SharePoint Architect || My Blog
    • Marked as answer by Paul Galvin Monday, July 20, 2009 11:44 PM
    Monday, July 20, 2009 11:02 PM
  • Hi,

    Contribute is a permission level which includes add, edit, delete, view, open, create alerts and view applications pages permission on a list. To fulfil your requirement either you edit the contribute permission level or create new permission level and select only view, edit, add but don't select delete. Following will tell you how to do it;

    1. On the site collection level go to all site settings.
    2. On site settings page click on People and Groups.
    3. On this page on the left hand side menu click on "Site Permissions".
    4. Inside Site Permissions you will see all the SharePoint User Groups. Click on the Settings for this list and choose "Permission Levels".
    5. Here you will see that different permission levels are defined. If you click on contribute it will show you each permission this level has.
    6. you can modify the permissions within "contribute" level or you can click on a "Add a permission level" and create a new permission level with your desired permissions.
    7. Once this new level is created you can use this in your sharepoint groups.

    Regarding your old contacts you can add a column to your list to hold the status. Call the column something "isDelete". For any of the contacts you want to mark as deleted set this column value to 1 otherwise 0. You can add this column as a dropdown to select between yes and no. Then you can create views on your contacts list based on teh value of this column.

    Hope the above will help and answers your questions.
    • Proposed as answer by Kabad ul Hasan Monday, July 20, 2009 10:42 PM
    • Marked as answer by Baha Man Tuesday, July 21, 2009 3:09 PM
    Monday, July 20, 2009 10:42 PM

All replies

  • Hi,

    Contribute is a permission level which includes add, edit, delete, view, open, create alerts and view applications pages permission on a list. To fulfil your requirement either you edit the contribute permission level or create new permission level and select only view, edit, add but don't select delete. Following will tell you how to do it;

    1. On the site collection level go to all site settings.
    2. On site settings page click on People and Groups.
    3. On this page on the left hand side menu click on "Site Permissions".
    4. Inside Site Permissions you will see all the SharePoint User Groups. Click on the Settings for this list and choose "Permission Levels".
    5. Here you will see that different permission levels are defined. If you click on contribute it will show you each permission this level has.
    6. you can modify the permissions within "contribute" level or you can click on a "Add a permission level" and create a new permission level with your desired permissions.
    7. Once this new level is created you can use this in your sharepoint groups.

    Regarding your old contacts you can add a column to your list to hold the status. Call the column something "isDelete". For any of the contacts you want to mark as deleted set this column value to 1 otherwise 0. You can add this column as a dropdown to select between yes and no. Then you can create views on your contacts list based on teh value of this column.

    Hope the above will help and answers your questions.
    • Proposed as answer by Kabad ul Hasan Monday, July 20, 2009 10:42 PM
    • Marked as answer by Baha Man Tuesday, July 21, 2009 3:09 PM
    Monday, July 20, 2009 10:42 PM
  • Kabad, don't propose your own answers.  Let other people do that.  I was going to propose it for you, but I can't.

    Baha Man, do what kabad said, except add these steps after step 5:
    - After clicking Site Permissions, click Settings > Permission Levels
    - Click on the Contribute permission level (do not edit this under any circumstance!!!)
    - Scroll to the bottom and click Copy Permission Level
    - Name the copied permission level something like ContributeNoDelete and maybe give it an explicit description saying what that permission level can do and can't do
    - DE-SELECT the checkboxes for Delete Items _and_ for Delete Versions (and anything else you want to remove, but be careful)
    - Click Create and notice you have a new permission level
    - Apply this permission level to users or groups as needed
    SharePoint Architect || My Blog
    • Marked as answer by Paul Galvin Monday, July 20, 2009 11:44 PM
    Monday, July 20, 2009 11:02 PM
  • As Clayton wrote, don't directly edit the "contribute" permission level as that will affect ever contributor in your environment.

    Instead, do what Clayton says to do.

    It's worth doing a bing search for "permission levels sharepoint" and variations of that theme so that you can understand this very important (and related) sharepoint concept.

    --Paul Galvin, Arcovis
      Microsoft MVP - SharePoint
      Blogging @ http://feeds.feedburner.com/PaulGalvinsSharePointSpace
      Twitter @ http://www.twitter.com/pagalvin
    • Edited by Paul Galvin Monday, July 20, 2009 11:45 PM refined
    Monday, July 20, 2009 11:44 PM
  • Hi Clayton,

    I didn't know that propose as answer is something which others should be using to recommend my post as answers. Thanks for this tip. Is there any place I can find general info related to the rules and functionality on TechNet.

    Regards,

    Kabad
    Tuesday, July 21, 2009 9:45 PM
  • Kabad, there is a FAQ, but I don't know if this is stated.  I just know that the moderators berate us for proposing our own answers.  You can propose other answers, but not your own as that is presumptuous.  If the OP or someone else thinks your answer is suitable, then they will propose it.
    SharePoint Architect || My Blog
    Tuesday, July 21, 2009 10:33 PM
  • Clayton, I've always thought this could work as expected, followed the same steps, but the results are the users not being able to edit any folder or document name(s)! any idea why?
    V Jonian
    Friday, November 13, 2009 4:16 PM
  • Clayton, I've always thought this could work as expected, followed the same steps, but the results are the users not being able to edit any folder or document name(s)! any idea why?
    V Jonian

    It definitely does work, but you have to make sure you go and apply the new permission level to the right place and make sure the right people have it assigned to them.
    SharePoint Architect || My Blog
    Friday, November 13, 2009 4:27 PM
  • Clayton, I triple checked all of what you've mentioned, still when users edit the name of documents/folders will recieve "Access Denied"! Please see all the detailes at the following thread; as I've posted this just yesterday http://social.msdn.microsoft.com/Forums/en-US/sharepointadmin/thread/c03bba5d-8c87-41b0-bd5e-c7829589e718 

    Thank you for following up Clayton.
    V Jonian
    Friday, November 13, 2009 5:13 PM
  • Hmm - not sure.  I've never experienced it and use the ContributeNoDelete permission level all over my farms.
    SharePoint Architect || My Blog
    Friday, November 13, 2009 5:29 PM
  • Well, the strange part is that this issue occurred at the client's farm (MOSS SP2), therefore I have applied the same steps on a different farm that's my own and use it as testing (MOSS SP2 as well) and got the same results (Access Denied).


    Update: I have also Tested this on MOSS SP1 and have the same result (Access Denied). Can anyone confirm this?
    Yes, I know that the "Delete" action will never show/work, but this method is taking away the "Edit" functionality for documents/folder Names! In addition, all other properties for any type of item/document/folder can be edited except the Name!

    I hope someone can test and confirm this issue!


    V Jonian
    Friday, November 13, 2009 5:56 PM
  • Clayton,

    Please take a look at this (other) thread http://social.technet.microsoft.com/Forums/en-US/sharepointgeneral/thread/66ce689f-0308-4ed4-84e0-58a56f4c727b 
    Are you sure you're not experiencing this issue? Can you confirm just testing on one of your farms? You only need to add a document in any library and then login with a testing account (has ContributeNoDelete Permission level assigned) and try to change the Name of the document. Please let me know the results, thank you!
    V Jonian
    Friday, November 13, 2009 8:53 PM