SharePoint 2013 allows downloaded even for users with "view only" permissions

Similar Messages

• With SSMS Can a user with VIEW DEFINITION permissions on a procedure, see its source?

  Is there a way directly within the GUI itself to see the definition of a procedure if a user has VIEW DEFINITION permissions (as well as EXECUTE), or will they need to use sp_helptext?

  Yes, there is a way. Right-click procedure from Object Explorer and select Script from the context menu.
  Erland Sommarskog, SQL Server MVP, [email protected]

• Sharepoint Permissions Application user with read only permissions

  Friends,
  I am trying to create a separate permission Group for an Executive(Department) Team who can access all the documents and lists in the portal with only read permissions because they need to see all the documents and lists in the libraries.
   I can add them in to  SP_Application_User group but i don't want them to edit the documents.
  If i create a new group and set a separate permission level with read only setting, they cannot access all the documents in the document libraries and lists because some of the document libraries and lists have separate permission which overrided parent permissions.
  Hope i will get help from any of you.
  Thanks in advance,
  Regards,
  Chakri

  Hi,
  For your issue, you could add the users to Central Administration > Application Management > Policy for Web Application and grant Full Read permissions.
  With the configuration, these users have Read permission to the whole web application.
  -lambert
  Sincerely,
  Lambert Qin
  Posting is provided "AS IS" with no warranties, and confers no rights.

• Users with View Only Privilege

  Hi,
  I currently have an application for a team of 20 people to create, update and delete records in multiple tabs, pages, etc. There is a request from the team to grant 5 outside users a "Read-only" version of the application in order for them to browse and research what type of data the team has gathered.
  Is there an easy way to do this in the 'Manage Application Express Users"? I see there is a pre-existing Group called "Viewers". When I created a new user in the Viewers User Group and I log in, I can still create, edit and delete.
  Thanks in advance,
  Romi

  As far as I know there are no pre-created user groups in Apex. That aside, there are no privileges assigned to an Apex group. The developer still has to make objects (buttons in your case) conditional on the user belonging to the group.
  Sima

• DI API - accessing objects with Read only permissions

  Scenario: I have setup a user in B1 with "Read Only permissions" on the Business Partner. When I log into the DI API as this user and try instantiating the BP object, I get a message "Loged on user does not have permissions".
  Why am I getting this? Shouldnt I be able to instantiate the object and read the property values. i understand that I cannot Add or Update because of read only permissions.
  Is there a way we can retreive values for users using the DI API or should the best option be to write a SQL statement.
  Thanks,
  Gopal

  Requiring the user to have full authorization to instantiate an object is a serious limitation for the DI API. It makes it virtually useless. After all it is supposed to be OOP and all the trimmings isn’t it? It also takes a lot of control away from the user.
  +1
  Hi,
  I have confirmation from B1 product definition, the DI API access for objects with Read only permissions will not be included in the 2007A version. It will be considered for the following version after 2007A.
  There is a chapter called "Authorization Checks" in the SDK Help file specifying:
  "SAP Business One performs authorization checks for the business objects and the infrastructure and meta data objects. If a user does not have full authorization to access the objects in SAP Business One, the user will not have permission to access the data belonging to the business objects using the DI API."
  Regards
  Trinidad.
  *sigh*

• "Allow AutoFill even for websites that request passwords not be saved." not appearing in Safari 7.0.3 prefs

  A December 2,  2013 Apple FAQ says that you can go to Mavericks:Safari:Preferences:Passwords and select "Allow AutoFill even for websites that request passwords not be saved."
  However, this checkbox does not appear.
  The features and management of iCloud Keychain are causing concern among users.
  I share these. For example, today I chose to let Safari produce a complex password for a Chase credit card site. Yet, when I went back to that site to sign in, I could not. Nor was that password in the list on Safari!
  This is not good. For iCloud Keychain to be trusted, it must be very reliable, and we must be allowed to manage it.
  I was forced to reset the password for Chase, and had to refuse Safari's offer to use their suggested password (as I would possibly never see it again!)

  Safari version 7.0.4
  That option is no more available.

• Custom sendemail in sharepoint 2013 designer workflow using dictionary object with email template from list

  I  am looking for custom sendemail in sharepoint 2013 designer workflow using dictionary object with email template from list
  MCTS Sharepoint 2010, MCAD dotnet, MCPDEA, SharePoint Lead

  Hi Greetings.
  pls check if it helps you.
  http://msdn.microsoft.com/en-us/library/office/jj554504(v=office.15).aspx
  Please remember to click 'Mark as Answer' on the answer if it helps you

• How to make form field read only for users with certain permissions

  We need to make two form fields read only for users with certain permissions. Kindly guide me on how to do this in Infopath. I searched and there is an option to disable to the column, but no option to select user permissions. 
  Please give your suggestion on this. 
  thanks.

  Hi,
  See the link below:
  http://info.akgroup.com/blog-0/bid/69277/InfoPath-Restrict-visibility-to-users-in-a-SharePoint-Group
  Here you can add the fomatting action on the field to disable the field if those users belong to certain Sharepoint group (does not matter the permission levels though). Hope it helps.
  Regards, Kapil ***Please mark answer as Helpful or Answered after consideration***

• How add Authorization check for user with assigened role for t.code-MIR4

  Hi All,
  Regarding authorization how to check authorizations check for user whith assigned roles for the t.code MIR4  using ABAP.
  In Detail:2)     All users are allowed to go to MIR4(invoice number), But ONLY for users with role: MM_RELEASE_INVOICE can proceed to do the posting.
  suggest me...
  Thanks,
  srii..

  Hi Sri ,
  first u need to find out  in which user rules u are using this object , after that if u want to restrict users then remove create/change values from that object values .
  make use of Tcode SUIM to find out all roles which are using this Object.
  or
  ask ur basis guy to remove authorizations to create/change....
  regards
  Prabhu

• How to create sharepoint Group with read only permissions using powershell for entire site ?

  How to create sharepoint Group with read only permissions using powershell for entire site (including subsites and top level site)

  Hi
  using (SPSite site = new SPSite(url))
  using (SPWeb web = site.OpenWeb())
  SPUserCollection users = Web.AllUsers;
  SPUser owner = users[string.Format("{0}{1}", "Domain", "Owner Username")];
  SPMember member = users[string.Format("{0}{1}", "Domain", "Default Member Username")];
  SPGroupCollection groups = Web.SiteGroups;
  string GroupName = “Super Exclusive”;//your group name
  string GroupDescription = “Super exclusive group description.”;
  groups.Add(GroupName, owner, member, GroupDescription);
  SPGroup NewSPGroup = groups[GroupName];
  SPRoleDefinition role = Web.RoleDefinitions["Read"];
  SPRoleAssignment roleAssignment = new SPRoleAssignment(NewSPGroup);
  roleAssignment.RoleDefinitionBindings.Add(role);
  Web.RoleAssignments.Add(roleAssignment);
  Web.Update();
  Please 'propose
  as answer' if it helped you, also 'vote
  helpful' if you like this reply.

• Sun Convergence for user with disabled calendar service

  I have Communication Suite 7 installed with the "Sun Convergence" web interface.
  I create a test user with a disabled calendar service (service package platinum).
  The user test logged in in Sun Convergence web interface and I'm surprised,
  that the calendar for him is available.
  How can I disable the calendar view in Sun Convergence for user with disabled calendar service?
  Thank you.

  petrahu wrote:
  I'm getting the expected result with a service package for mail and calendar,
  e.g. mercury, and setting the status of calendar service to inactive or disabled.The behaviour you are seeing is both "expected" (i.e. as per the current Convergence design) and "unexpected" (i.e. doesn't make sense from a DA service provisioning perspective). It is a real "can-o-worms".
  The problem stems back to the "local.autoprovision" functionality provided at the Calendar Server end (enabled by default):
  http://docs.sun.com/app/docs/doc/819-4654/acajh?l=En&a=view
  "The first time a user logs in, the user's LDAP entry in updated to add calendar service, and a default calendar is created. The user entry must already exist in the LDAP directory. If it does not, an error is returned."
  So even if the calendar service has not been granted at the Delegated Administrator end, the calendar server will "helpfully" add the required objectclasses/attributes when a client (such as Convergence) attempts to login as that user.
  This means Convergence cannot automatically assume a user is not able to access the Calendar service based on the users current objectclass/attribute settings.
  This leads to an existing bug for Convergence:
  Bug#6871400 - "Mail only user is able to access the calendar service"
  I've also created a new Change Request for Calendar Server:
  RFE#6898717 - "local.autoprovision should be disabled by default"
  Please raise this issue with Sun support (log a support request) if you believe the current behaviour is confusing/needs changing (i.e. fix the bug/RFE above).
  Regards,
  Shane.

• ı have bought second hand ipad. 17 apps which were downloaded by previous user with his or her apple id. I need to update them but when I try, ı can't update them with my own apple id. Device ask me to update with the id and password of previous user.

  ı have bought second hand ipad. 17 apps which were downloaded by previous user with his or her apple id are waiting to be updated. I need to update them but when I try, ı can't update them with my own apple id. Device ask me to update with the id and password of previous user. I tried I forgot but this didn't work.  So how can ı have my device forget the previous ID and use my own to update exsisting apps.
  <Email Edited by Host>

  Restore the device to factory settings with iTunes. 
  Then launch the App Store app on the iPad and sign in with your Apple iD and password:
  OT

• How to Control authorization for users with certain status for level 2 WBS Element

  Dear All,
  Is there any standard way or enhancement available to control authorization for users with certain status for WBS Element i.e. for example
  Pre-requisite:
  There is only 2 level of project i.e.
  Lev_ WBSE_______Description
  1___ 7-14.E_______summay outage controller
  2___ 7-14.E.2310__ Plant/unit # 2310
  2___ 7-14.E.2310__ Plant/unit # 2220
  Project Controller  (authorization role assigned "Z_PS_OP7_OTGCON_C") have all project level authorization
  Plant/Unit Controller (authorization role assigned "Z_PS_OP7_PLNTOTG_C_2310") have only level 2 authorization with enhancement that we did in system by Z table.
  User ID_ Plant #
  123345_ 2310
  122455_ 2220
  Issue:
  After System Status released and User Status approved the WBS basic date for Plant/Units should be restricted from updating/changing by Plant/Unit Controller level and only project controller should have this authority.
  Solution required: 
  Can any one tell how to control this scenario either by standard or enhancement available to control authorization
  BR
  Saqib Usman   

  Hi,
  Did you explore SAP Enhancement CNEX0002 Using Transaction CMOD?
  Thank you and regards,
  Varshal Kachole
  The SCN Rules of Engagement

• Upgrade SharePoint 2013 SP1 to CU Mar 2015 with Workflow Manager

  Hi Guys,
  I've tried upgrading SharePoint 2013 SP1 Farm to latest package of CU Mar 2015 today, I've been able to do so and ran PCW and everything seems ok at first glance.. except I have Workflow Manager 1.1. which was also configured on the same server and I was
  using it to run my SP 2013 Workflows. Problem is now I can't trigger any of my Workflows.
  Grateful if you could advise.
  Thanks and Regards,
  Rhyan

  Hi Rhyan,
  After you install the updates and run configuration wizard, please check if rebooting server could help.
  For troubleshooting the issue, we can check ULS log (may need verbose level) for more detailed information generated when we perform workflow trigger and issue occurs.
  https://technet.microsoft.com/en-us/library/ee748656.aspx
  http://summit7systems.com/sharepoint-2013-troubleshooting-guide/
  And also check Event Viewer to see if there are some related errors.
  Thanks
  Daniel Yang 
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• How to create a user with read only access for ESB / BPEL Console

  I need to create a user with read only access to ESB Console & BPEL Console. I have created a user
  (esbreadonly) and assigned ascontrol_monitor role but user is still able to
  delete services from ESB systems (such as DefaultSystem). Is there any way to
  create a user that has strickly read only access to ESB Console & BPEL
  Console
  Thanks
  Dinesh Patel

  Check out this post.. I'm in the process of testing.
  http://chintanblog.blogspot.com/2007/12/i-saw-numerous-people-asking-about-bpel_290.html