Reputation: 1721
Prevent author from sharing Share point document
I have a team site in Office 365, which contains some folders in the document list. Those folders have various types of documents like word, excel or presentation. Requirement is to restrict the author from sharing the file with anyone. So user can edit/modify the document but should not be able to share the file with anybody.
Same functionality works with Google documents like: Google Equivalent Code
File.LabelsData labels = new File.LabelsData();
labels.Restricted = true;
File body = new File();
body.Title = title;
body.Description = description;
body.MimeType = mimeType;
body.Parents = parents;
body.WritersCanShare = false;
body.Labels = labels;
newFile = DriveService.Files.Insert(body).Execute();
The code which uploads the file to share point:
Microsoft.SharePoint.Client.File uploadFile;
uploadFile = folder.Files.Add(fileInfo);
clientContext.Load(uploadFile);
clientContext.ExecuteQuery();
I am not able to find any property which can stop author from sharing the document to other users.
PS: Admin has restricted the file sharing to users outside the domain, so that is not an issue.
Upvotes: 1
Views: 294
Answers (3)
Reputation: 36
One approach to this issue would be to use the UI layer of O365 and modify it to hide the "share" control from all users. I have used this approach to hide the comment functionality but not tried it for the "share" control.
There are issues with this approach but for all but the most hardened users it would prevent them from sharing the file.
The second approach I've used is to not look for a technology solution but to ask the people asking you to implement this the bigger question of why they want to prevent sharing. It may be that in getting an answer to that question you see a simpler way to solve the problem given your understanding of the organisation.
I hope this helps.
Dorje
Upvotes: 0
Reputation: 710
By default, Contributors can manage permissions, but you can edit the permission level and remove this particular flag. Or assign your users a new permission level that doesn't include that right. It's not innately tied to 'Edit', 'Delete', or 'Add' access. Every site collection has a URL for managing Permission levels here:
/_layouts/15/role.aspx
If you needed to allow a user to upload a file, but wanted to change it's access once it had been added you could break the inheritance and clear the current security and add whatever new security you would have wanted. This code is a bit rough but it gives the you the idea.
using (ClientContext context = new ClientContext(projURL))
{
CamlQuery query = new CamlQuery();
query.ViewXml = "";
Microsoft.SharePoint.Client.ListItemCollection items = context.Web.SiteUserInfoList.GetItems(query);
context.Load(items, collection => collection.Include(item => item.HasUniqueRoleAssignments));
context.Load(context.Web.RoleDefinitions);
context.ExecuteQuery();
foreach(Microsoft.SharePoint.Client.ListItem item in items)
{
item.BreakRoleInheritance(false, true);
User user = context.Web.SiteUsers.GetByLoginName("username");
RoleDefinitionBindingCollection rightColl = new RoleDefinitionBindingCollection(context);
rightColl.Add(context.Web.RoleDefinitions.GetByName("Read"));
item.RoleAssignments.Add(user, rightColl);
item.Update();
context.ExecuteQuery();
}
}
Upvotes: 2
Reputation: 884
Indirectly you want to setup permission for the uploaded document, but there is no way/option in SharePoint which allows you to setup both kind of permissions (edit/modify document, but do not share). If you provide modification rights (i.e. Contribute Permission) then it will automatically grant permission to user to share the document.
Click here to see the permission levels in SharePoint 2013.
Here is a workaround which you can try for this:
- Allow user to upload the document in SP Document library (It will require contribute permission to upload document in document library)
- As soon as document is uploaded, execute a workflow. (You will need to create this workflow, this workflow will change the Item level permission for that user for the uploaded document only and new permission will be view only/Read)
- If user will have View Only/Read permission, He/She won't be able to share the document.
So in this workaround, user can upload the document in same document library but can not share the document to any one.
Hope this will help you.
Upvotes: 0
Related Questions
- Prevent users from creating new sheets in a shared google spreadsheet
- How to make files not shareable?
- How to protect SharePoint Document (Read only and not allow to download)
- How to prevent user from sharing downloaded file in Flutter
- Display document only to user who uploaded it in sharepoint
- Disable File>Share in Excel with VBA
- Can I prevent users from sharing a document using App Script?
- Google Drive API Deny sharing of file for an user who has 'writer' permission of that file
- How to prevent users from copying shared documents in Google Docs / Google Drive
- Restrict the delete option from shared documents in sharepoint Server