Problem with setting Item level permissions lists

Similar Messages

• Problem with setting Source Level in Sun Studio 2

  I've got problem with setting Source Level to 1.5 in Sun Studio 2. When I try to set it to 1.5 in Project properties and click Ok everything seem to go well, but when I open Project Properties again Source Level is set to 1.4. I need this to work cause I started to lear Java recently and I want to use foreach loop.
  Please help

  I'm just citing an example using Date().
  In fact, whether I use DateFormat or Calendar, it shows the same result.
  When I set the date to 1 Jan 1950 0 hours 0 minutes 0 seconds,
  jdk1.4.2 will always return me 1 Jan 1950 0 hours 10 minutes 0 seconds.
  It works correctly under jdk1.3.1

• Java.util.logging - Problem with setting different Levels for each Handler

  Hello all,
  I am having issues setting up the java.util.logging system to use multiple handlers.
  I will paste the relevant code below, but basically I have 3 Handlers. One is a custom handler that opens a JOptionPane dialog with the specified error, the others are ConsoleHandler and FileHandler. I want Console and File to display ALL levels, and I want the custom handler to only display SEVERE levels.
  As it is now, all log levels are being displayed in the JOptionPane, and the Console is displaying duplicates.
  Here is the code that sets up the logger:
  logger = Logger.getLogger("lib.srr.applet");
  // I have tried both with and without the following statement          
  logger.setLevel(Level.ALL);
  // Log to file for all levels FINER and up
  FileHandler fh = new FileHandler("mylog.log");
  fh.setFormatter(new SimpleFormatter());
  fh.setLevel(Level.FINER);
  // Log to console for all levels FINER and up
  ConsoleHandler ch = new ConsoleHandler();
  ch.setLevel(Level.FINER);
  // Log SEVERE levels to the User, through a JOptionPane message dialog
  SRRUserAlertHandler uah = new SRRUserAlertHandler();
  uah.setLevel(Level.SEVERE);
  uah.setFormatter(new SRRUserAlertFormatter());
  // Add handlers
  logger.addHandler(fh);
  logger.addHandler(ch);
  logger.addHandler(uah);
  logger.info(fh.getLevel().toString() + " -- " + ch.getLevel().toString() + " -- " + uah.getLevel().toString());
  logger.info("Logger Initialized.");Both of those logger.info() calls displays to the SRRUserAlertHandler, despite the level being set to SEVERE.
  The getLevel calls displays the proper levels: "FINER -- FINER -- SEVERE"
  When I start up the applet, I get the following in the console:
  Apr 28, 2009 12:01:34 PM lib.srr.applet.SRR initLogger
  INFO: FINER -- FINER -- SEVERE
  Apr 28, 2009 12:01:34 PM lib.srr.applet.SRR initLogger
  INFO: FINER -- FINER -- SEVERE
  Apr 28, 2009 12:01:40 PM lib.srr.applet.SRR initLogger
  INFO: Logger Initialized.
  Apr 28, 2009 12:01:40 PM lib.srr.applet.SRR initLogger
  INFO: Logger Initialized.
  Apr 28, 2009 12:01:41 PM lib.srr.applet.SRR init
  INFO: Preparing Helper Files.
  Apr 28, 2009 12:01:41 PM lib.srr.applet.SRR init
  INFO: Preparing Helper Files.
  Apr 28, 2009 12:01:42 PM lib.srr.applet.SRR init
  INFO: Getting PC Name.
  Apr 28, 2009 12:01:42 PM lib.srr.applet.SRR init
  INFO: Getting PC Name.
  Apr 28, 2009 12:01:42 PM lib.srr.applet.SRR init
  INFO: Finished Initialization.
  Apr 28, 2009 12:01:42 PM lib.srr.applet.SRR init
  INFO: Finished Initialization.Notice they all display twice. Each of those are also being displayed to the user through the JOptionPane dialogs.
  Any ideas how I can properly set this up to send ONLY SEVERE to the user, and FINER and up to the File/Console?
  Thanks!
  Edit:
  Just in case, here is the code for my SRRUserAlertHandler:
  public class SRRUserAlertHandler extends Handler {
       public void close() throws SecurityException {
       public void flush() {
       public void publish(LogRecord arg0) {
            JOptionPane.showMessageDialog(null, arg0.getMessage());
  }Edited by: compbry15 on Apr 28, 2009 9:44 AM

  For now I have fixed the issue of setLevel not working by making a Filter class:
  public class SRRUserAlertFilter implements Filter {
       public boolean isLoggable(LogRecord arg0) {
            if (arg0.getLevel().intValue() >= Level.WARNING.intValue()) {
                 System.err.println(arg0.getLevel().intValue() + " -- " + Level.WARNING.intValue());
                 return true;
            return false;
  }My new SRRUserAlertHandler goes like this now:
  public class SRRUserAlertHandler extends Handler {
       public void close() throws SecurityException {
       public void flush() {
       public void publish(LogRecord arg0) {
            Filter theFilter = this.getFilter();
            if (theFilter.isLoggable(arg0))
                 JOptionPane.showMessageDialog(null, arg0.getMessage());
  }This is ugly as sin .. but I cannot be required to change an external config file when this is going in an applet.
  After much searching around, this logging api is quite annoying at times. I have seen numerous other people run into problems with it not logging specific levels, or logging too many levels, etc. A developer should be able to complete configure the system without having to modify external config files.
  Does anyone else have another solution?

• Problem with setting item instances on a tabuler form

  I have a tabular form (6i) with a control block that displays 10 (non-database) records at a time. In cases where less than 10 records are displayed, I want to (programmatically) prevent the user from entering any values in the unpopulated text item instances but still be able to enter values in the populated instances. Anyone have any ideas?
  Thanks,
  Jeff

  Friends--
  Below is some updated code. I initially have set the insert_allowed property at the block and item level to "NO" in the property palette for the text items in this block. The number of records displayed is set to 10. The below code runs fine and populates the tabular items in the block and changes the visual attribute in the populated items to blue as designed. However, the insert_allowed is not changed for the populated item instances-- or even the unpopulated item instances for that matter. I set the insert_allowed property to "NO" at the block and item levels initially so that if the cursor populates fewer than 10 rows in the instances, the remaining unpopulated instances will not be insertable-- only the populated ones will be insertable. I am nearly at my wits end with this...ha ha. Let me know what you all think.
  DECLARE
  v_col varchar2(255);
  v_owner varchar2(255);
  v_schema varchar2(255)      := :ctl2.v_owner;
  v_table varchar2(255)      := :ctl2.v_table_name;
  v_val varchar2(1) default 0;
  x int;
  cur_itm VARCHAR2(80);
  cur_block VARCHAR2(80) := :System.Cursor_Block;
  Cursor matrix_cursor IS
  Select column_name
  From all_tab_columns
  Where     owner = upper(v_schema) and     
  table_name = upper(v_table);
  BEGIN
       FIRST_RECORD;
       go_block('ctl');
       clear_block;
       OPEN matrix_cursor;
       LOOP
       FETCH matrix_cursor into v_col;
       EXIT when matrix_cursor%notfound;
       BEGIN /* loops thorugh the items in the block instance changing the visual attribute and insert_allowed properties... */
  cur_itm := Get_Block_Property( cur_block, FIRST_ITEM );
  WHILE ( cur_itm IS NOT NULL ) LOOP
       cur_itm := cur_block||'.'||cur_itm;
  Set_Item_Instance_Property( cur_itm, CURRENT_RECORD,
       VISUAL_ATTRIBUTE,'visual_blue');
  set_block_property('ctl', insert_allowed, property_true);
  set_item_instance_property(cur_itm, current_record,
       insert_allowed, property_true);
  cur_itm := Get_Item_Property( cur_itm, NEXTITEM );
  END LOOP; -- ends inner loop
  END;
  -- populates the fields for each record...
       :ctl.v_field_name := v_col;
       :ctl.v_pos_01 := v_val;
       :ctl.v_pos_02 := v_val;
  NEXT_RECORD;
  END LOOP; -- ends outer loop
  CLOSE matrix_cursor;
  first_record;
  End;

• Sharepoint 2013 / Office 365 Document library item level permissions problem

  Hello,
  I'm looking for a solution to enable users to upload documents to a document library, the ability to view other documents uploaded to the same document library, but able to edit or delete those other documents.
  With a list you can use Item-Level security in Advanced Settings but this is not available for Document libraries. I could use workflows to assign individual permissions to document, but the the library already contains over 2,000 documents and will continue
  to expand so I don't like the idea of having that many individual permissions set.
  Are there any 3rd party plug-ins or solutions to this issue?
  Thanks,

  Try below:
  http://www.hersheytech.com/Blog/SharePoint/tabid/197/entryid/28/Default.aspx
  As it turns out the, setting Item-Level Permissions in a library is fully supported with PowerShell!
  The PowerShell commands for changing this are very simple:
  $web = Get-SPWeb http://YourSite/
  $list = $web.Lists[“Your Document Library Name”]
  $list.ReadSecurity = 2
  $list.Update()
  $web.Dispose()
  Note the 3rd line which is where you determine the value for this setting using the following values:
  1 = “Read all items”
  2 = “Read items that were created by the user”
  If you wish to modify the values for Create and Edit access instead, replace .ReadSecurity with .WriteSecurity with
  the following values:
  1 = “Create and edit All items”
  2 = “Create items and edit items that were created by the user”
  4 = “None”
  For example:
  $web = Get-SPWeb http://YourSite/
  $list = $web.Lists[“Your Document Library Name”]
  $list.WriteSecurity = 2
  $list.Update()
  $web.Dispose()
  Also check 
  http://sppermissions.codeplex.com/
  If this helped you resolve your issue, please mark it Answered. You can reach me through http://freeit-support.com/

• Alerts on a list with Item Level Permissions.

  We have an IS Request list that people can email with their problems.   We recently switched to Item Level Permissions where users can only see the requests that they created.    IS has full control rights over the list and can see all the
  items.   
  Our issue is that the alerts dont work in this type of list and SharePoint Designer alerts are hokey and less dependable.
  Thoughts?
  Devster

  You can use the IAlertNotificationHandler interface to intercept the e-mail alert and to modify it.
  Please check this thread below.
  http://social.msdn.microsoft.com/Forums/sharepoint/en-US/29efe27c-26c2-407e-b771-4f77971238ef/alert-problem-permissions?forum=sharepointgeneralprevious
  My Blog- http://www.sharepoint-journey.com|
  If a post answers your question, please click Mark As Answer on that post and Vote as Helpful

• Item-level Permissions availabe in list advance setting not working.

  Hi,
       Recently i had an requirement of maintaining item level permission. My requirement was that whenever an item is created in list, it should be created with uniqure permission. I know how to do it by writing
  custom code, but i don't want to do it with any code as client doesn't need any dll etc. After explroring i found that there is an option available in List's advance setting. Following are the steps i followed:-
  Go to List settting.
  Go to Advance setting.
  In advance setting we have "Item-level Permissions" as one of option. This option have two
  sub options.
  For Read Accesss
  select "Read items that were created by the user"
  For Create and Edit access select "Create items and edit items that were created by the user" 
  Save the above settings.
  Below is the screen shot for above mentioned setting:
  Expected behaviour from above setting are:
  Users can create new items
  User can view and edit items only those item that are created by them.
  But i found there is not change in item level permission. All users can View and
  Edit items created by other users. May i am
  misunderstanding above setting or there is Bug in sharepoint. Please help me if any body have any idea about it.
  Regards,
  Deepak
  Deepak Kejriwal

  Make sure that users have "Contribute" permission to the list, if the users have more permission at site level, then the list permission will be overridden by site permission.
  Refer the following article for more info.
  http://office.microsoft.com/en-us/windows-sharepoint-services-help/permission-levels-and-permissions-HA010100149.aspx
  --Cheers

• "Attempted to use an object that has ceased to exist" error when opening list with grouping and item level permissions

  Hi All,
  I have a list with few items. If I break role inheritance for at least one item and try to open list view page, I receive this error:
  Attempted to use an object that has ceased to exist. (Exception from HRESULT: 0x80030102 (STG_E_REVERTED))
  This occurs only if view has GroupBy in query. If I remove grouping from view, then error disappears. But I need to have grouping in view as well as item level permissions.
  How can I achieve this? Is this some limitation?
  Any help will be appreciated.
  The full stacktrace:
  System.Runtime.InteropServices.COMException: Attempted to use an object that has ceased to exist. (Exception from HRESULT: 0x80030102 (STG_E_REVERTED))    
  at Microsoft.SharePoint.Library.SPRequestInternalClass.GetListContentTypes(String bstrUrl, String bstrListName, ISPDataCallback pXMLCallback)     
  at Microsoft.SharePoint.Library.SPRequest.GetListContentTypes(String bstrUrl, String bstrListName, ISPDataCallback pXMLCallback)
  System.Runtime.InteropServices.COMException: Attempted to use an object that has ceased to exist. (Exception from HRESULT: 0x80030102 (STG_E_REVERTED)),
  StackTrace:    
  at Microsoft.SharePoint.SPContentTypeCollection.FetchCollection(IList`1 exceptions)     
  at Microsoft.SharePoint.SPList.get_ContentTypes()     
  at Microsoft.SharePoint.SPCustomActionElement.QueryForToolbarButtons(SPWeb web, SPList list, SPListItem item, PAGETYPE pgtype)     
  at Microsoft.SharePoint.SPCustomActionElement.AddCustomToolbarButtons(SPWeb web, SPList list, SPListItem item, SPContext renderContext, PAGETYPE pgtype, ToolBar toolbarControl, WebPart webPart, Page page)     
  at Microsoft.SharePoint.WebControls.ViewToolBar.CreateChildControls()     
  at System.Web.UI.Control.EnsureChildControls()     
  at Microsoft.SharePoint.WebControls.TemplateBasedControl.OnLoad(EventArgs e)     
  at System.Web.UI.Control.LoadRecursive()     
  at System.Web.UI.Control.AddedControl(Control control, Int32 index)     
  at Microsoft.SharePoint.WebPartPages.DataFormWebPart.CreateChildControls()     
  at Microsoft.SharePoint.WebPartPages.XsltListViewWebPart.CreateChildControls()     
  at Microsoft.SharePoint.WebPartPages.WebPartMobileAdapter.CreateChildControls()     
  at System.Web.UI.Control.EnsureChildControls()     
  at System.Web.UI.Control.PreRenderRecursiveInternal()     
  at System.Web.UI.Control.PreRenderRecursiveInternal()     
  at System.Web.UI.Control.PreRenderRecursiveInternal()     
  at System.Web.UI.Control.PreRenderRecursiveInternal()     
  at System.Web.UI.Control.PreRenderRecursiveInternal()     
  at System.Web.UI.Control.PreRenderRecursiveInternal()     
  at System.Web.UI.Control.PreRenderRecursiveInternal()     
  at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)     
  at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)     
  at System.Web.UI.Page.ProcessRequest()     
  at System.Web.UI.Page.ProcessRequest(HttpContext context)     
  at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()     
  at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)     
  at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)     
  at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)     
  at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)     
  at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     
  at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     
  at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)     
  at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)     
  at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     
  at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)

  Does the site use any custom code? Not necessarily the task list but can be anywhere. If yes, ensure that current context SPWeb/SPSite objects are not being disposed off.
  This post is my own opinion and does not necessarily reflect the opinion or view of Slalom.

• Workflow not triggering when changing Item-level Permissions in Sharepoint 2013 list

  Scenario:
  We have a custom list in Sharepoint 2013 that we use for Case Management. We have a workflow that triggers on a created item generated from an email. The user then gets a reply with a link to his own case.
  I want the users only to be able to see their own cases and no one elses.  When I change this under
  Advanced Settings under List Settings and
  Item-level Permissions and set them to Read items that were created by the user
  and Create items and edit items that were created by the user
  the workflow doesn´t trigger.
  How can I resolve this? I've tried every possible out-of-the-box permissions but with no result. Help!
  Thanks in advance!
  // Browncreek

  When you're testing , remember you cant trigger declarative workflow from the System Account - you need a general user account for auto-trigger workflows.  Good luck!
  Chris McNulty MCSE/MCTS/MSA/MVTSP | blog http://www.chrismcnulty.net/blog | twitter @cmcnulty2000 Microsoft Community Contributor Award 2011
  Hi, I have the same problem. Except that I am not using an email to create a new item. The item is created by members of a SharePoint group that have Contribute access to the list. When use the same settings i.e.
  Read items that were created by the user and Create items and edit items that were created by the user,
  the workflow does not trigger. If I set it back to Real all items and Create
  and Edit all items, it triggers the workflow.
  Please help me resolve as I have rolled this out to pilot users and am having this trouble.
  Thanks,
  Vishal

• Read all items when when item-level permissions set

  I have a SharePoint 2010 list where the general user population should be able to submit and read only their own items.
  Item-level permissions set as follows:
  Read access : Read items that were created by the user
  Creaed and Edit access : Create items and edit items that were created by the user
  That works fine.
  Now, I have a small group of power users that need read-access to all list items. I can do that by granting 'Contribute' permissions, but I don't want them to be able to modify items, so I prefer granting only read permissions. When I do that, they can't
  see all the items due to the item-level permission settings.
  Is there a permission level that I can use (perhaps a custom permission level) that enables a read-all (and overrides the item-level permission)?

  With these specific settings, there are not. It is possible to do security through obscurity by only showing views that allow the users to see their items and use audience targeting for the others, but that is not true security, so it will depend on your
  requirements.
  Andy Wessendorf SharePoint Developer II | Rackspace [email protected]

• Item-level Permissions in List Advanced Settings

  Hi,
  Is the "Item-level Permissions" in List Advanced Settings, a security option or is it a way to filter data for the user?
  How does it work with the permission done on the item level when breaking inheritance with the list?
  thanks.

  I have imncluded snippet bewlow that can be sued to remove all permission and added the permissins you require
  #region "Methods"
  private void HandleNewManuscriptEvent(SPSite _site, SPWeb _web, SPItemEventProperties _properties)
  List<SPUser> Approvers = new List<SPUser>();
  List<String> DepartmentsOfInterest = new List<string>();
  String temp = String.Empty;
  SPUser itemOwner = null;
  //AREA FIELD NAMES
  List<String> ClinicalDevelopments = new List<string>();
  List<String> NonClinicals = new List<string>();
  List<String> NonClinicalMethodologies = new List<string>();
  List<String> Marketings = new List<string>();
  //CRITICAL FIELD NAMES
  String sFirstPresentation = String.Empty;
  String sBiosequenceData = String.Empty;
  String sChemicalStructures = String.Empty;
  String sDetailedFormulationData = String.Empty;
  String sBiologicsManufacturing = String.Empty;
  String sPharmacologyData = String.Empty;
  String sBOTOXFieldName = String.Empty;
  //LEGAL FIELD NAME
  String sLegalFieldName = String.Empty;
  //DUE DATE
  String sDueDate = String.Empty;
  //ACCESSION
  int iAccessionValue = 0;
  String sMonthValue = String.Empty;
  String sAccession = String.Empty;
  String sEventHandler = " Completed ";
  try
  this.DisableEventFiring();
  //this doesn't get elevated rights
  //SPListItem manuscript = _properties.ListItem;
  SPListItem elevatedManuscript = _web.Lists[_properties.ListId].GetItemById(_properties.ListItem.ID);
  SPListItem manuscript = _properties.ListItem;
  _web.AllowUnsafeUpdates = true;
  #region "Departments"
  try
  //AREAS
  #region "Clinical Development"
  temp = String.Empty;
  if (manuscript[this.m_sClinicalDevelopmentFieldName] != null)
  temp = manuscript[this.m_sClinicalDevelopmentFieldName].ToString();
  ClinicalDevelopments = this.GetDepartmentsFromAreaSelections(temp.Split(";".ToCharArray()));
  System.Diagnostics.Debug.WriteLine("Clinical Development count..." + ClinicalDevelopments.Count);
  //for each "Clinical Development" checked
  foreach (var clinicalDevelopment in ClinicalDevelopments)
  //disregard "None" selection
  if (!clinicalDevelopment.Equals("None"))
  DepartmentsOfInterest.Add(clinicalDevelopment);
  #endregion
  #region "Non-Clinical"
  temp = String.Empty;
  if (manuscript[this.m_sNonClinicalFieldName] != null)
  temp = manuscript[this.m_sNonClinicalFieldName].ToString();
  NonClinicals = this.GetDepartmentsFromAreaSelections(temp.Split(";".ToCharArray()));
  //for each "Non-clinical" checked
  foreach (var nonclinical in NonClinicals)
  //disregard "None" selection
  if (!nonclinical.Equals("None"))
  DepartmentsOfInterest.Add(nonclinical);
  #endregion
  #region "Non-Clinical Methodology"
  temp = String.Empty;
  if (manuscript[this.m_sNonClinicalMethodologyFieldName] != null)
  temp = manuscript[this.m_sNonClinicalMethodologyFieldName].ToString();
  NonClinicalMethodologies = this.GetDepartmentsFromAreaSelections(temp.Split(";".ToCharArray()));
  //for each "Non-clinical Methodology" checked
  foreach (var nonclinicalmethodology in NonClinicalMethodologies)
  //disregard "None" selection
  if (!nonclinicalmethodology.Equals("None"))
  DepartmentsOfInterest.Add(nonclinicalmethodology);
  #endregion
  #region "Marketing"
  temp = String.Empty;
  if (manuscript[this.m_sMarketingFieldName] != null)
  temp = manuscript[this.m_sMarketingFieldName].ToString();
  Marketings = this.GetDepartmentsFromAreaSelections(temp.Split(";".ToCharArray()));
  //for each "Marketing" checked
  foreach (var marketing in Marketings)
  //disregard "None" selection
  if (!marketing.Equals("None"))
  DepartmentsOfInterest.Add(marketing);
  #endregion
  //"CRITICALS"
  #region "First-Presentation"
  temp = String.Empty;
  if (manuscript[this.m_sFirstPresentationFieldName] != null)
  temp = manuscript[this.m_sFirstPresentationFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sFirstPresentationDepartmentName);
  #endregion
  #region "Biosequence Data"
  temp = String.Empty;
  if (manuscript[this.m_sBiosequenceDataFieldName] != null)
  temp = manuscript[this.m_sBiosequenceDataFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sBiosequenceDataDepartmentName);
  #endregion
  #region "Chemical Structures"
  temp = String.Empty;
  if (manuscript[this.m_sChemicalStructuresFieldName] != null)
  temp = manuscript[this.m_sChemicalStructuresFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sChemicalStructuresDepartmentName);
  #endregion
  #region "Detailed Formulation Data"
  temp = String.Empty;
  if (manuscript[this.m_sDetailedFormulationDataFieldName] != null)
  temp = manuscript[this.m_sDetailedFormulationDataFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sDetailedFormulationDataDepartmentName);
  #endregion
  #region "Biologics Manufacturing"
  temp = String.Empty;
  if (manuscript[this.m_sBiologicsManufacturingFieldName] != null)
  temp = manuscript[this.m_sBiologicsManufacturingFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sBiologicsManufacturingDepartmentName);
  #endregion
  #region "Pharmacology Data"
  temp = String.Empty;
  if (manuscript[this.m_sPharmacologyDataFieldName] != null)
  temp = manuscript[this.m_sPharmacologyDataFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sPharmacologyDataDepartmentName);
  #endregion
  #region "BOTOX"
  temp = String.Empty;
  if (manuscript[this.m_sBOTOXFieldName] != null)
  temp = manuscript[this.m_sBOTOXFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sBOTOXDepartmentName);
  #endregion
  #region "Legal"
  temp = String.Empty;
  temp = manuscript[this.m_sLegalFieldName].ToString();
  if (temp != null & temp != String.Empty)
  DepartmentsOfInterest.Add(temp);
  #endregion
  catch (Exception ex) { sEventHandler += ex.Message; }
  #endregion
  //SET DUE DATE
  DateTime dt = DateTime.Today.AddDays(1);
  sDueDate = dt.ToShortDateString(); ;
  //GET ALL UNIQUE APPROVERS
  Approvers = this.GetAllUniqueApprovers(_web, DepartmentsOfInterest, manuscript);
  //SET ITEM PERMISSIONS
  #region "Permissions"
  try
  String currentuser = _properties.UserLoginName.ToString();
  itemOwner = _web.EnsureUser(currentuser);
  //BREAK INHERITANCE
  if (!elevatedManuscript.HasUniqueRoleAssignments)
  elevatedManuscript.BreakRoleInheritance(false);
  //REMOVE ALL EXISTING USERS FROM ITEM
  foreach (SPUser user in _web.Users)
  //if user is NOT site owner and not current user
  if (!user.LoginName.Equals(itemOwner.LoginName))
  //remove all user permissions from item
  elevatedManuscript.RoleAssignments.Remove(user);
  #region "For Owner of Document/Manuscript"
  if (itemOwner != null)
  SPRoleAssignment sprole = new SPRoleAssignment(itemOwner);
  SPRoleDefinition siteRoleDefinition = _web.RoleDefinitions["Full Control"];
  sprole.RoleDefinitionBindings.Add(siteRoleDefinition);
  elevatedManuscript.RoleAssignments.Add(sprole);
  #endregion
  #region "For Approvers from meta data sheet"
  foreach (SPUser approver in Approvers)
  SPRoleAssignment sprole = new SPRoleAssignment(approver);
  SPRoleDefinition siteRoleDefinition = _web.RoleDefinitions["Approve"];
  sprole.RoleDefinitionBindings.Add(siteRoleDefinition);
  elevatedManuscript.RoleAssignments.Add(sprole);
  #endregion
  //REMOVE ALL GROUP PERMISSIONS TO THE SITE
  foreach (SPGroup group in _web.Groups)
  elevatedManuscript.RoleAssignments.Remove(group);
  catch (Exception ex) { sEventHandler += ex.Message; }
  #endregion
  #region "Writings out to list (Accession + EventHandler)"
  try
  iAccessionValue = this.GetNewAccessionValue(manuscript);
  if (DateTime.Today.Month.ToString().Length < 2)
  sMonthValue = "0" + DateTime.Today.Month.ToString();
  else
  sMonthValue = DateTime.Today.Month.ToString();
  sAccession = "M" + DateTime.Today.Year.ToString() + sMonthValue + iAccessionValue.ToString();
  //only add once. if there is a number in there, don't update.
  if (manuscript[this.m_sAccessionFieldName] == null)
  manuscript[this.m_sAccessionFieldName] = sAccession;
  //update file name to <accession number> <document type> Due <date needed>
  DateTime dateNeeded = Convert.ToDateTime(manuscript["DateNeeded"].ToString());
  manuscript["Name"] = sAccession + " " + manuscript[m_sPublicationTypeFieldName] + " Due " + dateNeeded.Month + "-" + dateNeeded.Day + "-" + dateNeeded.Year;
  manuscript["Editor"] = manuscript["Author"];
  manuscript[this.m_sEventHandlerField] = sEventHandler.Trim();
  manuscript.SystemUpdate();
  catch (Exception ex) { sEventHandler += ex.Message; }
  #endregion
  Hopethis helps please ping back the post and let usinw.....
  -Ivan
  Ivan Sanders My LinkedIn Profile,
  My Blog,
  @iasanders.

• Setting Item level access rights on sharepoint list item in ItemAdding event handler

  Hi ,
  I am using sharepoint 2013. I am trying to set item level access rights when a list item is added using the following code snippet,
  public override void ItemAdding(SPItemEventProperties properties)
  base.ItemAdding(properties);
  ConfigureItemSecurity(properties);
  private void ConfigureItemSecurity(SPItemEventProperties properties)
  var item=properties.ListItem;
  SPSecurity.RunWithElevatedPrivileges(delegate()
  using (SPSite site = new SPSite(properties.SiteId))
  using (SPWeb oWeb = site.OpenWeb())
  item.ParentList.BreakRoleInheritance(true);
  oWeb.AllowUnsafeUpdates = true;
  var guestRole = oWeb.RoleDefinitions.GetByType(SPRoleType.Reader);
  var editRole = oWeb.RoleDefinitions.GetByType(SPRoleType.Editor);
  SPGroup HRGroup = oWeb.SiteGroups.Cast<SPGroup>().AsQueryable().FirstOrDefault(g => g.LoginName=="HR Team");
  SPRoleAssignment groupRoleAssignment = new SPRoleAssignment(HRGroup);
  groupRoleAssignment.RoleDefinitionBindings.Add(guestRole);
  SPUserCollection users = oWeb.Users;
  SPFieldUserValueCollection hm = (SPFieldUserValueCollection)item["HiringManager"];
  SPFieldUserValueCollection pm = (SPFieldUserValueCollection)item["ProjectManager"];
  SPFieldUserValueCollection pmChiefs = (SPFieldUserValueCollection)item["ProjectManagerChief"];
  item.BreakRoleInheritance(true);
  item.RoleAssignments.Add(groupRoleAssignment);
  foreach (SPFieldUserValue staffMember in hm)
  SetRightsOnItem(item, staffMember, editRole);
  foreach (SPFieldUserValue staffMember in pm)
  SetRightsOnItem(item, staffMember, guestRole);
  foreach (SPFieldUserValue staffMember in pmChiefs)
  SetRightsOnItem(item, staffMember, guestRole);
  item.Update();
  private void SetRightsOnItem(SPListItem item, SPFieldUserValue staffMember, SPRoleDefinition role)
  SPUser employeeUser = staffMember.User;
  var userRoleAssignment = new SPRoleAssignment(employeeUser);
  userRoleAssignment.RoleDefinitionBindings.Add(role);
  item.RoleAssignments.Add(userRoleAssignment);
  Nothing is happening though... Is the event handler the right place to do this?
  thank you

  Hi ,
  You can refer to the code working in my environment:
  using System;
  using System.Security.Permissions;
  using Microsoft.SharePoint;
  using Microsoft.SharePoint.Utilities;
  using Microsoft.SharePoint.Workflow;
  namespace ItemLevelSecurity.ItemSecurity
  /// <summary>
  /// List Item Events
  /// </summary>
  public class ItemSecurity : SPItemEventReceiver
  /// <summary>
  /// An item was added.
  /// </summary>
  public override void ItemAdded(SPItemEventProperties properties)
  SPSecurity.RunWithElevatedPrivileges(delegate()
  try
  using (SPSite oSPSite = new SPSite(properties.SiteId))
  using (SPWeb oSPWeb = oSPSite.OpenWeb(properties.RelativeWebUrl))
  //get the list item that was created
  SPListItem item = oSPWeb.Lists[properties.ListId].GetItemById(properties.ListItem.ID);
  //get the author user who created the item
  SPFieldUserValue valAuthor = new SPFieldUserValue(properties.Web, item["Created By"].ToString());
  SPUser oAuthor = valAuthor.User;
  //assign read permission to item author
  AssignPermissionsToItem(item,oAuthor,SPRoleType.Reader);
  //update the item
  item.Update();
  base.ItemAdded(properties);
  catch (Exception ex)
  properties.ErrorMessage = ex.Message; properties.Status = SPEventReceiverStatus.CancelWithError;
  properties.Cancel = true;
  public static void AssignPermissionsToItem(SPListItem item, SPPrincipal obj, SPRoleType roleType)
  if (!item.HasUniqueRoleAssignments)
  item.BreakRoleInheritance(false, true);
  SPRoleAssignment roleAssignment = new SPRoleAssignment(obj);
  SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType);
  roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
  item.RoleAssignments.Add(roleAssignment);
  Thanks,
  Eric
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected].
  Eric Tao
  TechNet Community Support

• Always Get Edit Link When Item Level Permissions Set

  We've enabled item-level permissions in a folder, and all users receive the "edit folder" button, regardless of whether we've given them "manage" access. Turning off item-level permissions removes the edit link.
  Is this a known issue? Any workaround/solution?

  That's just a "feature" of item level security, I don't think Oracle has any plans to fix it in 3.0.9X they probably have resolved the issuse in 9.0.2 ..... If you really need it gone you can click "Edit Defaults" when editing the page, right next to the portlet and uncheck the box that says show "Show Edit Link".. But then you just taken away the easy ability of editing the items through the portlet and you have to go back to the Content Area to update anything.
  brad

• SharePoint 2010 Item level permissions nightmare...how do I escape this madness?

  We have a custom SharePoint 2010 application that helps process job req. documents from 200+ partner companies. Each company can only see its own job req. documents (done using item level permissions in one document library).
  The number of documents is getting close to 3k. I've read that once you get over 5k, you'll see a huge performance hit because of the number of unique security scopes.
  Creating 200+ libraries is out of the question. That just seems like an even bigger logistical nightmare...especially since we add partners every month almost. We have reports that run off of this data and querying that many libraries would be nuts.
  Next would be making folders for each company. A lot of recoding would need to be done, but my biggest concern will be not being able to sort and filter properly.
  I've tried writing a PowerShell script to copy everything into folders in a new library and the filtering doesn't work even after messing around with the view to not show the folders at all.
  The last thing I'm considering is just archiving older data that may no longer be relevant by year or something.
  Has anyone else run into a similar issue?
  Any suggestions?

  Hi,
  Once you have exceeded the threshold limit, certainly there will be performance issues. However, you can still iterate though lists/libraries that exceed threshold limit by workaround here:
  List Threshold
  Additionally, please refer following link which demonstrates how you can implement sorting/paging for lists exceeding threshold limit:
  https://social.msdn.microsoft.com/Forums/en-US/4f788144-773c-4e63-8c1f-1e51f1c0a82f/client-object-model-fsobjtype-and-list-view-threshold?forum=sharepointdevelopmentprevious
  Hope it helps!
  Thanks,
  Avni Bhatt
  If this helped you resolve your issue, please mark it Answered

• Item Level permissions document library

  In SharePoint 2010 you could apply item level permissions to document libraries via PowerShell with
  $web= Get-SPOSite "sitename"
  $list = $web.Lists[“Listname”]
  $list.ReadSecurity = 2
  $list.Update()
  $web.Dispose()
  Is there a way to apply this to SharePoint online 2013? it doesn't seem to work.  

  Hi SpNerd,
  For SharePoint 2013 Online, there is not a comdlet that is used to get a site. So, it seems that there is not a way to change Item-level permissions via PowerShell for SharePoint Online.
  Windows PowerShell for SharePoint Online cmdlets
  http://technet.microsoft.com/en-us/library/fp161364(v=office.15).aspx
  As a workaround, you can change Item-level permissions via SharePoint Online UI as List Settings->Advanced Settings->Item-level Permissions.
  I hope this helps.
  Thanks,
  Wendy
  Wendy Li
  TechNet Community Support