Restrict SharePoint Online list view to group
UPDATED:Here you can get another good solution. My OLD answer:From my experience It is depend on what is your expectations from solution, your limits, what you want to get and what things you can sacrifice and in some cases what SharePoint edition you are using. Note: SharePoint does not have out-of-box fully customizable list item permissions. I can say about some expectations, some details, some solutions and workarounds and how to implement this. .1. You want to disallow users to see other users views. But:
To achieve this you can: .1.1. Open list under each user and create its own Personal View. .1.2. Create Public View and set its Target Audience. .1.3. Create Public View, open its page, edit page, delete List View Web Part, add Content Query Web Part and set its Target Audience. .1.4. Add javacript to list view page. .2. Users cannot see other users created list items from any source (any list views, any API and web services). .2.1. Note: this is limited. User can only read, edit list items which created by him. You cannot apply this on other users created list items. .2.2. Create different lists for different users with different permissions. .2.3. Note: this is limited by SharePoint unique permissions limits. .2.4. I don't know if SharePoint has some limits to this but you can try and I don't know if you can perform this from public API but you can try to investigate. .2.5. If you use SharePoint On-premise edition then you can add: .2.5.1. List event receiver that run on list item Create event and perform following actions: .2.5.2. Create Timer job, deploy, schedule it in SharePoint Central Administration. .2.6. You can create Console Application (c# language) that connect to SharePoint, check newly created list items periodically and: .2.7. You can write Powershell script that connect to SharePoint, check newly created list items periodically and: .2.8. You can create Windows Service (c# language) that connect to SharePoint, check newly created list items periodically and: .2.9. May be you can create some other periodically running code (like Workflow, Console App, PowerShell script, Windows Service) in any server. I think this ways is applicable to many cases. If you want more customizable control, or you have some limits in implementation, then you can create many workarounds by many ways. Workaround can close many permissions holes but may be not all holes: .1. You don't want user can create views from list view page UI. .2. You don't want user can see any list item data changing URL list item ID to another. .2.1. You can add some javascript on default form pages. .2.2. You can create HttpModule that intercept web requests and check user permissions and redirect him to another page if he don't have permissions. .3. You can try to disallow REST API, JSOM using but I didn't do that. May be here exists many other different workarounds but I don't remember about them now. Try something from what I said. May be it help you. |