Can 'View' Capabilities be Disabled within SharePoint Groups?

I'm back from my conference and struggling to get caught up after being out of the office for a week, so I'm going to rely on the trusty SharePoint Blank Mailbag to jump-start my return to the blog.  Today's question comes from a WSS 3.0 user who asks:

Can the "View" ability on a list or library be disabled for a specified user group?

I really can't say "thank you" enough to the folks who take the time to send in questions such as this one, as they almost always spark new discoveries for me.  This current question is no exception, and represents an area I'd never even considered, which is essentially a request for a la carte permissions.  Guess what?  Turns out that with the Advanced Permissions feature, this is indeed out-of-the-box functionality for both WSS 3.0 and MOSS!

So how does one go about taking advantage of this functionality?  The journey begins with the Settings drop down button within the Site Permissions page for the desired site:

SharePoint Site Settings -> Permission Levels

On the resulting page, you'll notice an Edit Permission Levels hyperlink in the toolbar area.  Be advised that clicking the hyperlink will render following warning pop up message:

Note:  Breaking this permissions inheritance will mean that changes to the partent groups and permissions within this site will require manual oversight of groups/permissions within this site.  Having said that, clicking OK (which you'll need to do in order to create a custom permission level) will render the Permission Levels page with your available editing options:

Edit SharePoint Permissions

It may be difficult to see from this image, but Full Control and Limited Access are not active check boxes (for all intents and purposes).  This is because  Full Control and Limited Access are system permissions which SharePoint will not allow you to edit.  While the remaining "stock" permission levels are customizable in an a la carte fashion, it is a strongly recommended best practice that, rather than modifying the permissions at the line-item level, an entirely new permission level should be created to your desired specs.

To create a new permission level using the a la carte options of your choosing, simply click the Add a permission Level link in the toolbar (as pictured at the upper left of the image above).  In addition to allowing you to provide a Name and Description for the new custom permission level, you'll be presented with three groupings of permissions (with an option to Select All, or deselect all) : List Permissions, Site Permissions, and Personal Permissions.

Since there are clear and detailed descriptions provided for each line item, I'm going to show an image for each of the groupings to demonstrate what's on the menu:

List Permissions:

SharePoint List Permissions

Site Permissions:

SharePoint Site Permissions 

Personal Permissions:

SharePoint Personal Permissions

Note that, in order to remove the ability to Add or Delete public views, you'd want to make sure that Manage Lists, the first line item under the List Permissions heading, is unchecked.  To disable the ability for a user to create, change and delete personal views of lists, you'd want to ensure that Manage Personal Views (the first item under the Personal Permissions heading) is unchecked. 

And there you have it ... custom permission levels, available out of the box!


Posted Jun 08 2009, 04:53 PM by John Anderson

Comments

flavio wrote re: Can 'View' Capabilities be Disabled within SharePoint Groups?
on Tue, Jul 17 2012 6:26 PM

Is it possible to disable "Full Control"? I want the users have access to the List Manage, but without the option to check "Full control"

Thanks for the post

Maninder wrote re: Can 'View' Capabilities be Disabled within SharePoint Groups?
on Sat, Mar 1 2014 12:45 AM

Hi  John,

This is quite useful information can you please help me a little more on this how we can achieve the same through code. I have managed to override AllItems.aspx page and overriding the default view according to the logged in user group this provides me security only for this view .Any other view creation manually exposes all items . My requirement is can we restrict that on any new view creation we can call the allitems.aspx page so that my custom code filters the items or suggest me a batter way to achieve the security(other than item level security).

Thanks in advance ..

Add a Comment

Please sign into Bamboo Nation to leave a comment.

About John Anderson

John Anderson joined Bamboo Solutions as Manager of Content & Syndication in May of 2008 after a 12-year career at AOL.  New to SharePoint at the time of his hiring, John was tasked with creating a new blog for the just-launched Bamboo Nation community in which he would document his daily SharePoint learning process.  Thus was born the end user-centric SharePoint Blank, for which John authored 200 posts within a year, and which he continues to write today (albeit much more sporadically).  Currently serving as Managing Editor, John sets the tone for Bamboo Nation as its lead blogger, and oversees content across Bamboo properties.

Bamboo Solutions Corporation, 2002-2014