Hide Content or Controls Based on Permissions

One of the little controls SharePoint possesses that gets missed often is the SPSecurityTrimmedControl (http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.webcontrols.spsecuritytrimmedcontrol.aspx) which is a wonderful little thing that actually hides whatever the content is based on the permissions you define.

As an example I can hide controls or content from anonymous users, and show them for logged in users using the following code:

<SharePoint:SPSecurityTrimmedControl ID=”SPSecurityTrimmedControlID″
PermissionsString=”BrowseDirectories” runat=”server”>

This results in the DIV control and it’s contents only being displayed to users who have the BrowseDirectories Permission.

There are many ways this can be used from hiding navigation items, to the hiding the Sign In link effectively.

The permissions you can select and use for this control can be found here: http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spbasepermissions.aspx

Hope this helps,
Richard Harbridge

Explore posts in the same categories: Code, Reference, SharePoint 2007, Tips and Tricks

Tags: , , ,

You can comment below, or link to this permanent URL from your own site.

7 Comments on “Hide Content or Controls Based on Permissions”

  1. […] This web post from Richard Harbridge shows how to use the SPSecurityTrimmedControl in an ASPX page. Possibly related posts: (automatically generated)SharePoint Designer: Clearing the Web Part CacheHide Content or Controls Based on Permissions […]

  2. Sam Says:

    How to usr spsecuritytrimming in webpart…?

  3. rharbridge Says:

    Well its a control. So you can just add it like any other control to the webpart’s “createchildcontrols” method overload.

    My recommendation is to do a simple test like adding a drop down to a webpart. The method for adding these controls should be very similar.

  4. Can you show how you would do the opposite?

    For example, hide a register link from someone who is logged in.


  5. rharbridge Says:

    That’s actually pretty easy. You could just create javascript that hides any control and place it in the SPSecurityTrimmedControl. If they don’t have that level of permission (which anonymous won’t) it won’t run the javascript since it doesn’t render it. If they do have the permission it will render the JS. 🙂

  6. I found the LoginView control and added code like this:


    Hope this formats:

    <asp:LoginView ID="LoginView1" runat="Server">
    <span style="color:#666666; font-family:tahoma; text-decoration:none; font-size:8pt;">
    Welcome, Guest | <a href="/Pages/Register.aspx">Register</a> |
    <asp:LoginStatus ID="LoginStatus1" runat="Server" />
    <wssuc:Welcome id="IdWelcome" runat="server" EnableViewState="false"></wssuc:Welcome>

  7. rharbridge Says:

    That works too, hah.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: