Hide Content or Controls Based on Permissions
One of the little controls SharePoint possesses that gets missed often is the SPSecurityTrimmedControl (http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.webcontrols.spsecuritytrimmedcontrol.aspx) which is a wonderful little thing that actually hides whatever the content is based on the permissions you define.
As an example I can hide controls or content from anonymous users, and show them for logged in users using the following code:
<SharePoint:SPSecurityTrimmedControl ID=”SPSecurityTrimmedControlID″
PermissionsString=”BrowseDirectories” runat=”server”>
<DIV>THIS TEXT IS HIDDEN UNLESS YOU ARE LOGGED IN</DIV>
</SharePoint:SPSecurityTrimmedControl>
This results in the DIV control and it’s contents only being displayed to users who have the BrowseDirectories Permission.
There are many ways this can be used from hiding navigation items, to the hiding the Sign In link effectively.
The permissions you can select and use for this control can be found here: http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spbasepermissions.aspx
Hope this helps,
Richard Harbridge
This entry was posted on September 2, 2008 at 7:17 pm and is filed under Code, Reference, SharePoint 2007, Tips and Tricks. You can subscribe via RSS 2.0 feed to this post's comments.
Tags: Hide Content, Hide Controls, Security Trimming, SharePoint Security Trimming
You can comment below, or link to this permanent URL from your own site.
November 13, 2008 at 1:27 pm
[…] This web post from Richard Harbridge shows how to use the SPSecurityTrimmedControl in an ASPX page. Possibly related posts: (automatically generated)SharePoint Designer: Clearing the Web Part CacheHide Content or Controls Based on Permissions […]
January 20, 2009 at 11:50 am
How to usr spsecuritytrimming in webpart…?
January 20, 2009 at 2:21 pm
Well its a control. So you can just add it like any other control to the webpart’s “createchildcontrols” method overload.
My recommendation is to do a simple test like adding a drop down to a webpart. The method for adding these controls should be very similar.
February 12, 2009 at 8:09 am
Can you show how you would do the opposite?
For example, hide a register link from someone who is logged in.
Thanks.
February 12, 2009 at 8:42 am
That’s actually pretty easy. You could just create javascript that hides any control and place it in the SPSecurityTrimmedControl. If they don’t have that level of permission (which anonymous won’t) it won’t run the javascript since it doesn’t render it. If they do have the permission it will render the JS. 🙂
February 12, 2009 at 8:43 am
I found the LoginView control and added code like this:
http://www.dotnetfunda.com/tutorials/controls/loginview.aspx
Hope this formats:
—
<asp:LoginView ID="LoginView1" runat="Server">
<AnonymousTemplate>
<span style="color:#666666; font-family:tahoma; text-decoration:none; font-size:8pt;">
Welcome, Guest | <a href="/Pages/Register.aspx">Register</a> |
<asp:LoginStatus ID="LoginStatus1" runat="Server" />
</span>
</AnonymousTemplate>
<LoggedInTemplate>
<wssuc:Welcome id="IdWelcome" runat="server" EnableViewState="false"></wssuc:Welcome>
</LoggedInTemplate>
</asp:LoginView>
—
February 12, 2009 at 8:58 am
That works too, hah.