Setting Permissions on SharePoint Views
Here’s a little hack that you can do, in order to create permissions on views of any list or library. I’m not going to say this is the most pretty or perfect solution, but it’s at least a way to accomplish this. It gets asked all the time. “How can I set permissions so that only certain people can see certain views of my list?”
Maybe you have a situation that the default view of a list shows users only items that they’ve created, or only items in a certain filter like by department. That’s the only view that you want most users to see, except maybe “Managers” get an additional view with information pertaining to them. Anyway, here’s how you can do it. First, the high level:
- Create a library to put web part pages in.
- Create a new web part page in that library
- Insert a data view web part of your list on the web part page
- In the data view properties, turn on the SharePoint list toolbar and SAVE
Now, when you go to the regular default view of your list or library, you will see a new view in there with the same name as your list. Clicking on this view name will take you over to the web part page you created. This hack will allow you to change the permissions on your web part page. The resulting behavior is that users who click on that view name and don’t have access to that aspx web part page will get an access denied message. I know, it’s really disappointing that the “view” drop-down box isn’t security trimmed. Now, if you’re still interested, here are all of the steps to follow:
- Create a document library on the site called “Views”.
- Create a blank web part page, preferably using the method in my previous blog post Create a Web Part Page WITH a Quick Launch Menu and save that web part page in the doc library from step 1.
- In SharePoint Designer, open this new blank web part page. Click the Data View menu and click Insert Data View.
- Click the list or library, click Show Data, and select the fields you need and drag them into the web part zone. (If you need more help with inserting web part basics, check out my data view web part series of videos)
- Open the Data View Properties screen. On the General tab, put a check next to the SharePoint List Toolbar. Click OK.
- Click File and Save As, and save it to the document library created at step 1. Close SharePoint Designer.
- This is probably something a lot of you have noticed before. Now, your list will have a new view in the list of views, that has the same name as the list itself. You can go to the document library settings, scroll all the way down to the Views section, and click on that view and rename it.
Here’s what you can do with this weird little hack. Notice that now when you click on that view name in the regular list, it takes to over to that web part page and the data view web part you created… over in that other document library called “Views”. This gives you the ability to set permissions per view! In the Views document library, click the drop-down box on that ASPX page that you created, and click Manage Permissions. Assign permissions to only the people who should have access to this view. Note that this is not a substitute for item level permissions. Users could technically still go to any of those list items, so this solution is not feasible in a high-security situation.
The end result is that each view that you create as a web part page is listed in the View drop-down box of the list or library, and people who don’t have access to that view ASPX page will get an Access Denied page if they try and click on it.
Again, this is not a perfect solution, but it gives at least some way to accomplish “view permissions”. Try it out and see what you think.