RSS
 

Limited access not working in Sharepoint 2010 pages library –Resolution

20 Feb

Recently we were stumped by a very strange issue with Sharepoint 2010 publishing page library where we were unable to give users access on one page in pages library.

The way it is supposed to work is

1. We break inheritance for a particular page(Say page P) in pages library

2.Give read access to user A on Page P

3. User A automatically gets Limited Access on pages library ,site and site collection

4.User A directly accesses the Page

Expected result :Page P is displayed

Actual result:User gets access denied

 

We initially suspected that there was some code on the page that was accessing data/resources that user did not have access to and hence throwing access denied. So we started our small witch hunt,these are the steps we did

1.Checked code for webparts to make sure all code was in elevated privileges

2.Removed all webparts

3.Experimented with out of box page layouts and master pages

None of them seemed to work. Only thing that worked was giving Read access to User A on Pages library.

This option was not acceptable as user A gets access to every page inheriting permissions from pages library

Finally we were also able to replicate this on Out of box sharepoint publishing site.

It seems it is a BUG in sharepoint.

See MS blog for details http://blogs.technet.com/b/stefan_gossner/archive/2011/11/14/interesting-access-denied-problem-on-publishing-pages.aspx

In a nutshell in publishing site if you have enabled content approval and also use minor versions, you need to give users read access to the pages library. This is a bug in Microsoft.SharePoint.Publishing.Internal.ScheduledItemEventReceiver . It checks for all event receivers attached to the page and this required read access  to library.This is called when Schedule button is enabled in Ribbon

We then tried to simply not  load the control and disabled ribbon but still the same issue persisted, so we know that it is not limited to ribbon control but the whole page itself.

So if you really need to use this functionality ,the only easy solutions you have at the moment are

  1. Disable content approval workflow on that pages library
  2. Make sure no page inherits permissions,so even if you have to give users read access to pages library it wont matter because all pages are protected: But again if you use content deployment ,you have another problem :Content deployment many a times resets page permissions on target/rendering system,IE all pages start inheriting permissions. If this happens all users get access to all pages on rendering server even though they don’t have it on authoring.

As luck would have it ,we were using content deployment also and option 1 was not an option ,so we had to actually use a custom solution to protect our pages .A detailed post on it coming soon

 

Share
 
No Comments

Posted in sharepoint2010

 

What you see might not what it is.Difference between String.equals and String.compare

07 Oct

Recently we were stumped when our c# code was unable to compare two strings which seemed equal. We even compared the strings Via excel and they were deemed equal.

But when we used String.Compare to compare the strings it compared successfully.

So what was the issue?

What is the diffrence between == and compares

== and .Equals compares strings Bit by Bit while String.Compare compares the
strings by value (lexicographically)

 

A string can be stored in multiple ways depending in culture and encoding,they might be lexicographically equal but their bits might vary.When we compare equal (to the eye)strings bit by bit it might fail to compare in .equals while might compare successfully using .compare

 

In our code two strings being compared were coming from a certificate and web.config and both could internally be stored with different encoding/cultures and might have different bit sequence even though they were equal
lexicographically.

Hence comparing strings with “==” failed while String.compare passed.

Another strange issue was that the code worked on some servers while failed on others.My guess here is that due to various factors such as server architecture,encoding installed and system configurations servers might be storing the strings in different bit formats and hence failing on using “==”.

 

Share
 
No Comments

Posted in Quick Tip

 

How to correct: The search request was unable to connect to the Search Service in FAST with Sharepoint 2010

18 Jul

“The search request was unable to connect to the Search Service.”

Installed Fast search server binaries on a 64 bit machine and connected it to Sharepoint 2010 installation.

Everything went smooth, was able to create Query Service application and content service application, FAST Content application was able to crawl my data but still when i fired a search from FAST search center site ,I got an error message

“The search request was unable to connect to the Search Service.”
After hours of headbanging which included restarting the machine and recreating service application ,I looked at the obvious culprit
The QRproxy service on my fast search server was Dead.
To know about status go to your Fast Command shell and type
nctrl status
Every attempt to start the service failed
nctrl start qrproxy
Finally found out the error in system event Log it did not have Windows identity foundation installed.(Windows6.0-KB974405-x64.msu)

To fix the isuue simply download

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=17331

Install and try starting the QRproxy service and it should be all set

Note: even though Windows identity foundation is a prerequisite for FAST installation, it did not stop me from installing FAST which it ideally should have

Share
 
No Comments

Posted in FAST, Quick Tip, Search

 

Designing Intranet search…Its not google

03 Dec

Search enables users to find what they are looking for…a myth

Believe it or not ,search in intranet domain is not centered around what users want to see but more importantly what business wants the users to see.This statement might seem radical but it is not so when you look behind the intent. Business generally knows what are the repositories available,what are the expected searches and what type of search result might help you do your Job better.Its like a Big brother watching you and guiding you to search. You may be typing in Holiday Calender but what you really need is the corporate calendar because there us nothing called a separate calender.Many Large firms spend considerable energy in driving employees to the places they deem are important rather than firing a true search
Since intranet is a managed content with clearly defined content creators and owners the search design is different from normal internet search. Here the focus is not on covering all the data but how to block certain data,its more focussed on promoting a few pages on top rather than finding the best fit for your search.

A wrong result is more worry some rather than a missing right result.Consider an example here: HR releases a not so popular  policy and this leads to a lot of backlash from employees on Intranet forums,internal blogs ,reviews etc..

Now irrespective of  how popular a certain disgruntled employees blog is on the intranet a company will never want to get that as top search result for someone searching about it.

It will be like training your own contract killer….:)

So what do companies do?..

Stop indexing the blogs… a highly unpopular decision leading to further back lash….

Block that page:…..Going toooo far

quietly push the HR pages up…..various search providers give this functionality especially fast esp which basically lets you give HR sites a Static boost that will surpass any amount of traffic going to the particular site…

So Now you know…while designing search solutions for intranet..Do not always look at google…remember these intents

1.Its about what we want to show rather than what user wants to see

2.Its about controlling rather than freely searching

3.Tweaking queries or simply changing them is OK

4.Its focus is to not show certain sites or show certain sites rather than cover everything..

Now you know……
Comments welcomed

Share
 
No Comments

Posted in Search

 

7 things I hate about SharePoint designer

09 Nov

OK I will be honest, as a developer I try not to use SharePoint designer…I wont say its BAD or limited ..its Damn good..it can create things like simple workflows in minutes which might take me a minimum of an hour …

But still there are limitations…you may call me a biased developer who leans on heavy customization :) (thats how i earn my bread and butter)…but i finally decided to list top 7 things I hate about SharePoint designer

1.You can break things very easily: Yes irrespective of how easy SharePoint designer maybe,breaking things is way to easy. A missed checkin , an accidental Zone deletion…its way to easy to run into problems. I know a person who spent 2 days figuring out why a SharePoint workflow would trigger using admin account while not by End user account. He finally figured out because a few files were checked out in SharePoint designer. I know you may argue that these problems may arise in custom deigned visual studio workflows also but the process there is little more technical eliminating such missed thing to a minimal. Sharepoint designer is scary because its too easy to use yet gives too much power to the user

2. No reusable workflows: I designed a workflow for my document library ,another department also wants it for their doc library and wants to keep it in sync with myworkflow…can i do is….NAAAAA…you need to recreate the workflow for them and do all updations seperately

3. No Looping in workflows:Yes its true…if you want to create a workflow which sends out email reminders to task owner untill he/she completes it,you cannot do it easily in SharePoint designer. Yes there are ways..you need to create two workflows..almost identical to do it…More on that later

4. Unghosted pages: Whenever you customize any page/page template that page basically becomes unghosted…in simple terms you can say that all the changes are stored in DB rather than on your file system. So if you added some new webpart zones and you want to use the same template on another sharepoint environment you CANNOT simply download the pagetemplate file from your server and upload into other server.

Where as in case of site definitions you can,because whats in document library is nothing but whats in your 12 hive

5. Inherent limitations of Site templates over Site definitions: Using sharepoint designer you can very well modify your site and create site templates but remember,site templates are linked to their site definitions tightly ie suppose you create a team site and them modify it and save it as a template called myTeamSite this new template is essentially linked to team site. Any updates by MS on team site would directly effect your Site

Where as Site definitiosn are independent entities…MS updates will have no effect on them…

6. Ok i may be repeating myself here but just that this issue needs a seperate point..think about so many diffrent webparts like data view etc that you can use in sharepoint designer…Look at the example here

http://blogs.msdn.com/b/sharepointdesigner/archive/2007/06/15/how-to-integrate-virtual-earth-maps-with-a-sharepoint-list.aspx?PageIndex=6

here a contact list is integrated with bing maps to automatically display the map along with contact details…sounds cool..yeah it is  Suppose you followed this blog and modified the xslt etc of contact list page to display page of contact list…Now…Imagine you are a developer …you did this on your machine..now you want to port it to your customers machine..how will you do it?? well you go to production environment and do the exact same things with a list..Like it???

easier solution is to create a webpart ,create a list definition and add this webpart in dispform.aspx page :)

7. It wastes time: Yes you read it right..for any complex requirement its better to code rather than try figure out the logic in SharePoint designer. Yes i accept that here i may be biased like most Sharepoint develeopers…:)..

If you agree/disagree..do let me know your views

PS:Most developers I have spoken to do not like using SharePoint designer..part of the reason being it does not require any coding..its mostly configuration…and developers hate configuration…I being from the same fraternity am biased against SharePoint designer…take my views with a pinch of salt

this article is valid for MOSS and WSS 3.0 and not for Sharepoint 2010.hate to say this but..it looks promising…

Authors and copywrite owners:
Paromita Mondal
Madhur Chadha

Share
 
6 Comments

Posted in MOSS, sharepoint

 

TAB webpart for Sharepoint

08 Nov

Are you one of those guys who have too much content to put on home page and want to avoid all that un neccesary scrolling..>

Here is a cool webpart that will help you tab your content,tab any webpart that is placed in this zone …..

http://blogs.msdn.com/b/bobgerman/archive/2008/02/19/back-in-the-zone-with-zonetabs.aspx

Share
 
No Comments

Posted in Quick Tip, UI

 

Quick tip on publishing template

03 Nov

YOU cannot create a site template out of a site created from publishing template….So if you designed your page..created lists..spent hours configuring sharepoint designer workflows on a site created using publishing site.. and want to share the same template across your company s…you will be in for a surprise…NO STPS for pubishing sites

Share
 
1 Comment

Posted in Quick Tip

 

Why use three state workflow over approval workflow

03 Nov

a quick advantage of Three state workflow is that since three state workflow works on a field in the list,it triggers the itemevent receiver at each workflow stage while approval workflow does not…..
SO if you want to trigger any event receiver on item approve…this is your bet….

Share
 
No Comments

Posted in Quick Tip

 

get SPWeb from URL by passing it to SPSite constructor

01 Nov

Saw this  strange behaviour of SpSite.openweb(). the web object depends on tne URL passed as parameter for spsite

for eg if you want to get an spweb object from a URL  do the following

SPSite site = new spsite(<complete path upto the web level>);

SPWeb web= site.OpenWeb();

now this will give you not the spweb object of the root web but the one whose url is passed in spsite constructor.

Neat smile

Share
 
4 Comments

Posted in MOSS, Quick Tip, sharepoint

 

Creating a List Instanca through a feature

01 Nov

A very neat way to create a list instance is through a feature.

For eg you have list definition with a feature ID

you need to create another feature suppose list instance

in this feaature folder you will have an instance.xml whi will contain information likee

1. name of the list instance you want to create

2. listtemplate feature ID

now as soon as this feature is activated on any web a list with the name you specified and of the type you selected would be automatically created

Share
 
3 Comments

Posted in MOSS, Quick Tip, sharepoint

 
« Older Entries
 
Partly powered by CleverPlugins.com