SharePoint - Need help in permission in sharepoint form library.

Asked By Rahul Khanna on 05-Sep-11 12:43 AM
Hi all,
I am working with sharepoint 2010. I need some help in regarding permission in form library. 

1)Only current user can see his document created by him, he should not see other document. 
2)Other user apart from creator of document should not see or should not delete the document.
3)While approver will see the document, he can only view the document he should not delete the document. 
And while approver will see the document he should not get the add new document option(For this i have given permission Read Only, View Only permission but still while approver login to system he get add new document option.)

Pls help somebody how can i give permission for above mentined condition.

smr replied to Rahul Khanna on 05-Sep-11 12:47 AM

follow these steps

  1. Go to Site Settings.
  2. Click on Site Permissions under Users and Permissions.
  3. Click Check Permissions
  4. Enter the name or account of the person, seurity group or distribution list that you want to check
  5. Click Check Now.
  6. You can see where this person/distribution list/security group has permissions on your site and at what level. It will also show you what lists that entity has permissions to and what level. Another very cool feature to note is that it will check for a name within a distribution list and/or security group.
  7.  For example, if you are trying to find out if Jim Smith has permissions to your site it will check for Jim Smith in any security group or distribution list that have been assigned to your site or a list within your site.
  8. The other great feature as it relates to security is the ability to see what content within your site is breaking inheritance. You can do this by clicking on the Show me uniquely secured content link.
  9. Permission Inheritence Checker
  10. The screen you will be presented will show the lists and libraries on that site that are breaking inheritance. Unfortunately, it does not show you here what people or permissions are on this list. It is up to you to go to each of the libraries or lists and manage the permissions. None the less, a very helpful and needed feature.



refer links also
smr replied to Rahul Khanna on 05-Sep-11 12:49 AM

The code behind of the login page the mappings are retrieved, the IP address of the request is checked against the mappings, and if an authentication provider is found the user is redirected to the provider’s sign-in page.
protected override void OnLoad(EventArgs e)
  if (SPContext.Current == null) return;
  if (SPContext.Current.Site == null) return;
  if (SPContext.Current.Site.WebApplication == null) return;
  SPWebApplication app = SPContext.Current.Site.WebApplication;
  SignInConfiguration config = app.GetChild<SignInConfiguration>("SignInConfig");
  SPAlternateUrl u = app.AlternateUrls[Request.Url];
  SPUrlZone zone = u.UrlZone;
  string components = Request.Url.GetComponents(UriComponents.Query, UriFormat.SafeUnescaped);
  SPIisSettings settings = app.IisSettings[zone];
  string ip = IpNetworking.GetIP4Address();
  ip = Regex.Replace(ip, @"^(?<Prefix>(\d{1,3}\.){3})\d{1,3}$", "${Prefix}*");
  if (config != null && config.ProviderMappings.ContainsKey(ip))
    string targetProvider = config.ProviderMappings[ip];
    foreach (SPAuthenticationProvider provider in settings.ClaimsAuthenticationProviders)
      if (string.Compare(provider.DisplayName, targetProvider, true, System.Globalization.CultureInfo.CurrentUICulture) == 0
        || string.Compare(provider.ClaimProviderName, targetProvider, true, System.Globalization.CultureInfo.CurrentUICulture) == 0)
        string url = provider.AuthenticationRedirectionUrl.ToString();
        if (provider is SPWindowsAuthenticationProvider)
          components = EnsureReturnUrl(components);
        SPUtility.Redirect(url, SPRedirectFlags.Default, this.Context, components);
    SPUtility.Redirect("/_forms/default.aspx", SPRedirectFlags.Default, this.Context, components);  
Sreekumar P replied to Rahul Khanna on 05-Sep-11 12:55 AM

Although sites that are built on Windows SharePoint Services often have additional default SharePoint groups, Windows SharePoint Services 3.0 includes five permission levels by default. Each of these permission levels has specific permissions associated with it. As a site owner, you can choose which permissions are associated with these permission levels (except for the Limited Access and Full Control permission levels) or add new permission levels to combine different sets of permissions.

 Note   Prior to Windows SharePoint Services 3.0, permission levels were called site groups and SharePoint groups were called cross-site groups.

As a site owner, you can associate permissions with permission levels and also associate permission levels with users and SharePoint groups. Users and SharePoint groups are associated with securable objects such as sites, lists, list items, libraries, folders within lists and libraries, and documents. For more information about assigning permissions in different securable objects, see About controlling access to sites and site content.

Default permission levels in Windows SharePoint Services 3.0

Permission Level Description
Full Control This permission level contains all permissions. Assigned to the Site name Owners SharePoint group, by default. This permission level cannot be customized or deleted.
Design Can create lists and document libraries, edit pages and apply themes, borders, and style sheets in the Web site. Not assigned to any SharePoint group, by default.
Contribute Can add, edit, and delete items in existing lists and document libraries. Assigned to the Site name Members SharePoint group, by default.
Read Read-only access to the Web site. Users and SharePoint groups with this permission level can view items and pages, open items, and documents. Assigned to the Site name Visitors SharePoint group, by default.
Limited Access

The Limited Access permission level is designed to be combined with fine-grained permissions to give users access to a specific list, document library, item, or document, without giving them access to the entire site. However, to access a list or library, for example, a user must have permission to open the parent Web site and read shared data such as the theme and navigation bars of the Web site. The Limited Access permission level cannot be customized or deleted.

 Note   You cannot assign this permission level to users or SharePoint groups. Instead, Windows SharePoint Services 3.0 automatically assigns this permission level to users and SharePoint groups when you grant them access to an object on your site that requires that they have access to a higher level object on which they do not have permissions. For example, if you grant users access to an item in a list and they do not have access to the list itself, Windows SharePoint Services 3.0 automatically grants them Limited Access on the list, and also the site, if needed.