Restricting Views of users on Sharepoint lists

Question

I am developing a sharepoint 2010 project. I want to restrict users view on lists based on their identity. (e.g. the branch of organization they work in, but in fact the ristrictions can be more complicated).

What solutions do you recommend?

Answer 1

I find it easier, if possible, to create the view and lock it with the filters on the list settings page.

For example, I have a list of employees that includes their employee IDs. I use that list on other pages to gather data in other webparts. So I filter the employee list to [ME]. So the data is available to the page needing it to filter others and they cannot see anything else.

Now, what about the person who needs to manage that page? I create a view, call it HR. That view can see everything. Then I export that webpart with that list view on it through the designer. I then delete the HR view from the employee list.

This leaves no way for anyone to switch views and see everything again. I create a webpart page for the person who manages it, and I upload that webpart and set the view of the webpart to HR. In the end, I have a page that I lock down instead of trying to lock down views or list permissions separately.

Answer 2

This feature can't be implemented by SharePoint by now and I think neither for the next version

You can use a third part tool to achieve it, such as BoostSolutions' Column/View Permission or LightningTools' DeliverPoint

BTW, I work for BoostSolutions and I mentioned our own product because it works for your issue. Hope it helps :)

Answer 3

I know its a very old question but posting it as it might help someone. There is an work around to do it as described here

Answer 4

Would you be able to have two lists that are joined. One that all users have access to and another that only certain people have access to, and then join them? Then maybe the people that don't have access to the other table it doesn't pull the information? Not sure, but I'll try that out later today.

Answer 5

Not 100% sure on SharePoint 2010, but definitley for SharePoint 2007, there is not a way to do this, especially if the views are corresponding to security requirements on the columns users are able to see.

One way to work around this is have the list be not accessible by users, and then have code logic allow for access to the data creating the different "views" on the data in something like a Web Part. The downsides to this is search becomes an issue (since the data is hidden) and having multiple "views" of the data (if necessary) is also another item to work through.

Answer 6

With out of the box features this is not possible. You can go to great lengths to remove the list's view selectors and other navigational elements that let people cruise around a the schema and metadata for a list but it is not a security mechanism.

If a user has read permissions to an item, they'll have read access to all the fields of that item.

There is an outside chance that it you disabled all RPC mechanisms, SOAP, RESTful web services, Client Object Model and the office clients that you might be able to claim this as a security mechanism. If you don't there will always be a way around your "security" scheme.

Answer 7

create sharepoint groups based upon your requirement or diffrent type of user base and accordingly give them rights may be item level or on complete list

and while doing these things just go through the following posts

http://blogs.gartner.com/neil_macdonald/2009/02/25/sharepoint-security-best-practices/

http://weblogs.asp.net/erobillard/archive/2008/09/11/sharepoint-security-hard-limits-and-recommended-practices.aspx