Thursday, June 27, 2013

Blocking Application pages and Forms pages access

Recently I got one question from the blog visitor on restricting the application level page access for read permission level users in SharePoint. I have done this in different way by adding Javascript in v4master and checking the user group and then only allowing these pages access. This is okay if you dont have server side access.But if you are able to access the command utility on server then below explained command will help you more. 
All the application pages have_layouts before it. Developers can create various pages for n number of purpose in share point called Form Pages. Share point will not restrict the users from accessing these pages by default. So we need to restrict the access of the application pages.

SharePoint allows this by enabling the feature  called ViewFormPagesLockDown. This feature can be activated at the Site Collection level. All the users who is not having the View Application Pages permission will not be able to navigate to pages like _layouts/viewlsts.aspx or pages/forms/allitems.aspx
Go through the below listed steps for blocking the access of application pages:

Check out users to restrict.
Set their permission to "Restricted Read" or remove the View Application Pages from existing assigned permission level.

Enable ViewFormPagesLockDown feature using the command - stsadm -o activatefeature -url -filename ViewFormPagesLockDown\feature.xml
Above command will block all users not having View Application Pages permission from accessing the application pages and form pages.

To deactivate the same feature use cammand- stsadm -o deactivatefeature -url -filename ViewFormPagesLockDown\feature.xml
Above command will deactivate the view access level permission.

No comments: