Uwe82

Hi,

I have a list, where I need to control, who can view and change which items. Changing is quite easy with an event handler, that I already have. But viewing is more difficult.

It's a custom list, where every employee has his dataset. Only the HR manager and the employees supervisor should be able to view the list item. I have custom fields in every list item to set the specific people.

I could create a view, to filter the list items, that the current user should not be able to see, but how can I prevent the user to create or change the filter settings



Re: SharePoint - Enterprise Content Management View rights on list items

Uwe82

In the ItemAdded-Event, you can add RoleDefinitions for each Item in the List, with the following code. The grants the person in the field Mitarbeiter as reader and in the field Vorgesetzter and Personalabteilung as Contributor. So they can also write values. The view is also filtered by these settings.

SPListItem item = properties.ListItem;
SPWeb web = properties.OpenWeb();
SPUser user = web.EnsureUser((new SPFieldLookupValue(item["Mitarbeiter"].ToString())).LookupValue);
SPUser vorgesetzter = web.EnsureUser((new SPFieldLookupValue(item["Vorgesetzter"].ToString())).LookupValue);
SPUser personalAbteilung = web.EnsureUser((new SPFieldLookupValue(item["Personalabteilung"].ToString())).LookupValue);
SPRoleDefinition RoleDefReader = web.RoleDefinitions.GetByType(SPRoleType.Reader);
SPRoleDefinition RoleDefWriter = web.RoleDefinitions.GetByType(SPRoleType.Contributor);
SPRoleAssignment RoleAssReader = new SPRoleAssignment((SPPrincipal)user);
SPRoleAssignment RoleAssWriter = new SPRoleAssignment((SPPrincipal)vorgesetzter);
SPRoleAssignment RoleAssWriter2 = new SPRoleAssignment((SPPrincipal)personalAbteilung);
RoleAssReader.RoleDefinitionBindings.Add(RoleDefReader);
RoleAssWriter.RoleDefinitionBindings.Add(RoleDefWriter);
RoleAssWriter2.RoleDefinitionBindings.Add(RoleDefWriter);
if (!item.HasUniqueRoleAssignments)
item.BreakRoleInheritance(
false);
item.RoleAssignments.Add(RoleAssReader);
item.RoleAssignments.Add(RoleAssWriter);
item.RoleAssignments.Add(RoleAssWriter2);
item.Update();