Complex List Structure Options and Permissions

  • Complex List Structure Options and Permissions spevilgenius

    A customer has asked me to build a new commitment tracking system for them in Sharepoint. They have created a need for 3 types of commitments that we can just call TypeA, TypeB, and TypeC. There is also several different departments that need to be able to create these 3 types of commitments. There are 2 departments that can create the TypeB and TypeC commitment for any other department and only they can create TypeB annd TypeC. The TypeB and TypeC commitments can only be seen by the departments that they apply to and the 2 departments that created them. TypeA can be created by any department but only exists for that department.

    I had several ideas but wondered which one would be the best.

    1. Create the 3 Types as 3 seperate content types derived from the task content type. Create a single list attaching these types to the list and then create folders for each department. Use groups to control the permissions.

    2. Create a list that derives from the task list or make a custom list. Create permission sets or groups that have the correct permissions and then use an event receiver on the list that uses the metadata of the item being added to check which department is assigned to and apply the permissions at the item level.

    3. Create a separate list for each department and add the content types to each list. This seems rather crude as reporting would be more difficult.

    Does anyone have a better suggestion or idea??

    UPDATE 6-11-2011 This is an older post, but this project had fallen in priority and is now back on. I have written a blog post that I hope details it better here

  • I think those are good options, but it's difficult to really choose between them without knowing more. Here are some things which I would consider:

    • Exactly what are your reporting requirements? Presumably someone somewhere does need an aggregated view across all commitments, but do they need (for example) to create their own views? Or will a 'developed' report with no 'report builder' functionality suffice? It would be easy to aggregate the data across 3 lists with SPSiteDataQuery (for option 3), but this would be 'developed' functionality - the view infrastructure is obviously tied to a single list only so that's out for option 3.
    • What are your scale requirements? How many commitments are expected to be in the list(s) at any one time? If it's a 'high' number (somewhat difficult to define without knowing hardware/concurrent users etc.) then option 2 would be less preferable as item-level security does not scale well.

    With the information you've provided, I'd already be inclined to avoid option 2 - you would have permissions applied to many objects, when containers such as lists are folders are designed to act as permission scopes.

    Still, my thought would be that more information is needed to make a decision. Sorry to come over all politician-like ;)

  • This is what I have done to make this sort of work. I created a wsp site definition solution in VS 2008 and created the 3 content types. I added these content types to a custom list definition. I also created views for each department. I then used code to check the user information list to see what department they are in and send them to the page for that view. The 2 departments that have more 'power' get sent to a different view. On the other views I am using jQuery to remove the dropdown arrow for the content types so they only get the first content type. I am also using jQuery to hide the viewselectormenu until I find a better way of limiting what shows up in the dropdown. The users will be added to the correct groups and that seems to solve most of the problems. The default.aspx page has the code to check the user information list and it will send the user to a custom form to fill out their data if it has not yet been filled out. I made the form a custom webpart that I use to draw the controls on the screen, but I send the data back to the list using Marc Anderson's jQuery SPServices library.

list permissions
Related questions and answers
  • in another list based on a lookup. I have two users, call them Jane and John. Jane is a member of several SP groups, one of which has Full Control permissions. John is a member of a couple of SP groups, one of which has Contribute permissions. I have 2 workstations, lets call them W1 and W2. Both are on the local area network and connect to the SP site via Internet Explorer 7 via http://example... is configured to allow the workflows to be initiated. I cannot seem to find any aspect of SP groups or users or permissions which would affect a user's ability to initiate workflow from one

  • , userY and userZ. I had hoped it would ignore the blank variables, but instead it assigns a task to nobody and the workflow never finishes. Having the user assign the item to users instead of departments is not possible since they can't be expected to know the appointed representatives of every department. I can create a task through the "Create List Item" action, but the workflow is marked... the first department marks their task as complete before it assigns a task to the next department. I need all departments to be assigned the task at the same time. Other options I have considered

  • I've created a custom list in SharePoint 2010 from a custom content type (inherit from item) and I would like to give the users the option to order the items in this list - similar to how users can... in 2010. I also added the OrderedView property on the View element. After creating a list from this defintion, when I look at the list settings and attempt to modify a view then I see the options that indicate that the list can be ordered by a user. However, I'm missing the button (Change Item Order) on the ribbon that allows a user to order the list. I can navigate to the /_layouts/reorder.aspx

  • , to have each one as a 'subsite' feels like overkill, but that may just be because I'm not used to the terminology. I would ordinarily just think of them as subsections of a website. The 'Support... dashboards and a collaborative wiki. For the public-facing content, the site structure is as so: Home Company About Us Testimonials ... ... etc Products Product 1 Product 2 ... ... etc Support... the same master page and top-level navigation, and Company and Products will each have a left-placed submenu to go to each page in their section. I'm wondering how to structure this in terms of sites

  • Organizer you have to assign rules that depend on a specific content type. So in our case we have to create identical rules for different Content Types, for example if Content Type = Contract and File Plan... content type (in our case document) that would apply to all inheriting Content Types but that is not the case. Does anyone know of a potential solution to this issue? It seems like the Content Type...We are currently doing a POC for a client to use SharePoint 2010 for Records Managment. The client has around 200 content types, and a deep nested file plan of around 500 potential nodes. In order

  • I have created several custom user controls that I added to the Redering templates of some forms in a custom solution for WSS 3. Most of these templates have codebehind and they all are correctly... setting in the web.config file to use the 3des algorithm as I had found on many sites. This fixed most of the issues except for my custom forms .ascx pages as everyone of them still give a FIPS error and they do not work. I have found the code that I can place in the machine.config file that turns off the check, but I would like to figure out what is going on with this. I have ensured that debug

  • We have several profile properties that are set as multivalue fields and are restricted to a list of options. Some of them are set up as Company Name Company Name - Specific Department 1 Company Name - Specific Department 2 If a user tries to select "Company Name" using a non IE browser (I've tried Chrome, Firefox & Safari), they get an error message saying "more than one matched choices..., whether using the "select property values" popup or by typing directly into the field. We have several users who use Macs and therefore have no access to IE. Does anyone know how to get around this?

  • I have a need to calculate working days until an item is due or working days past due. I also have to exclude holidays and the holidays may or may not apply to that item based on what project the holiday applies to. I had created a holiday calendar and initially created the field as a computed field that would display an empty div tag and I would use code to do the calculations and display it inside the div tag using javascript. This worked fine when the items were in a single list. Due to other requirements I needed to create a single list for each department. Now I still need to display

  • I can think of is to have another timerjob that polls some kind of queue (for example a sharepoint list in my site collection) for new timerjobs to create, and creates it if an item has been added... that the App pool user for your content web application does not have write access to the Config database, you can't create new TimerJobDefinitions from code that runs in your content web app. A bad...I have run into a problem several times now where I have developed a custom timer job, and I want my site collection administrators to manage the schedule of this job with a custom application page

Data information