1. Help
  2. Community
  3. Product Feedback and Feature Requests
Not planned

Permission Levels That Keep Users From Accessing SharePoint Sites Content

Avatar
aaron
Follow
0

If users have access to Sintel Forms they are also able to sign into the SharePoint Site and View Contents. I have not found a stable, simple work around for this. 

 

This can be very bad for users that fill out sensitive HR information because all employees can then access that information. 

Comments

1 comment
Sort by Date Votes
  • Avatar
    Piotr Jasek

    This particular query is outside of the scope of Sintel Forms. Sintel Forms does not control a users ability to access the standard "Site Contents" link available in SharePoint.

    After discussing this internally we have the some recommendations for you but there isn't anything we can add to Sintel Forms to assist you with it as this is really a SharePoint feature/limitation.

    If you want to hide the "Site Contents" from users you can:

    1. Change the permission level of the visitor group from "Read" to "Restricted Read" which will mean that visitors won't see the site contents link anymore
    2. Remove the permission "View Application Pages" from the "Read" Permission level.
    3. Use CSS/modify the masterpage


    If you don't mind the users seeing the "Site Contents" link but don't want them to see the lists/libraries you can:

    1. Hide the lists/libraries using SPD or PowerShell


    If you don't want users to be able to see/edit forms other than their own:

    1. Configure item level permissions on the lists (not the list items) such that you specify what users can see and edit


    In all cases if you want users to be able to fill in a form using Sintel Forms they will need:

    1. "Contribute" access to the list you have configured Sintel Forms on
    2. "Contribute" access to any sub-lists (related lists) you are using on the form
    3. "Contribute" access to the list SintelFormsChat_GUID, this is only required if you have enabled the comments feature of Sintel Forms


    Finally, another option is to set a filter on the default view of a list such as "Where ID=0" which means that if anyone opens the list they won't see any data.  Users with Contribute access will then be able to submit forms but they won't be able to see/switch to other views so they won't be able to see any data. You can then create a custom page and add the list view web part to it and configure it as you need. This new page can be restricted from regular users.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post