Forum Discussion
Restrict shareing files in a document library to members of that document library
Hi,
I have a site with multiple document libraries, lets call them Accounts, Managers and General.
Each document library has removed inheritance and the Members and Visitors groups removed and a security group added with edit permission.
e.g. SP_Managers group
Is there a way for me to be able to restrict sharing links to files to only users that already have access to the document library?
i.e. someone in the Managers library can only share a link with others with access to that document library.
In my current case, if someone in the managers library (who is a member of the SP_Managers security group to get access) shares a file with a general user (not in the security group), that general user can not only access the shared document but, can now see the Managers Document library listed in SharePoint (Not any content) which I don't want to happen.
Another option may be to make it so the top level folder isn't visible to non members even if a file is shared (I don't know if that is possible either) but the restricting of sharing would be a better soloution.
Thanks for any advice
Ian
4 Replies
An additional three questions from me in order to understand your situation better.
1. Are there any sensitivity labels in play that might help? --> Really helps in depth with your issue
2. What are the currents sharing setttings for Files and Folders?
3. Could you clarify the "can now see the Managers Document Library listed in SharePoint" part? As in: the user can see the URL of the library?
Regarding to number 2, I've added some pictures of some setting options that might help.Files and Folder links --> You can specify for SharePoint and OneDrive who can access
In addition, if it's set on "Anyone with the link" you can set an expiration date (for instance: access by link expires after 7 days". I myself find that setting an experiation data helps users keep track of what they've shared and what not 😀 (mostly I used 30 days)
Hope this will help or maybe at least dive a bit more into your questionHi,
Sorry for the delay, had an outage take all of my attention
sorry, I don't know what a sensitivity label is. It is a single site with multiple document libraries. If labels would help, i'm ok with going down that path.
File and folder is currently the defaults like your images. I haven't made changes as they don't seem to match what i'm looking for and are also site wide which may affect other operations (still determining some functions)
for example,
user 1 is a member of sp_accounts. when they go to the home page of the site they can see the general (all users) and the accounts document libraries and their contents on the top menu.
user 2 is a member of sp_managers. they can see the General and managers document libraries and contents on the top menu.
user 2 shares the file /managers/folder name/file1.pdf with user 1
user 1 can use the link to see the pdf
user 1 can now see general, accounts and managers document libraries in the top menu but they can not see any content in the managers library.
I'd like to either stop user 2 sharing the file with user 1 (prefered) or stop the managers folder name from apearing in the top menu for user 1.
it is not possible to restrict sharing links to files to only users that already have access to the document library by default.
Here are a lot of documentation, but i think not what you looking for:
https://learn.microsoft.com/sharepoint/turn-external-sharing-on-or-off?WT.mc_id=DX-MVP-5004845
You can also set the Site sharing settings, but not restricted to existing users:
As an alternative, you can try to use a flow, checks whether the user is authorized or not.
Best, Dave
Hi,
Thanks for the reply.
I haven't looked at Flow before. it looks interesting. i'll have to teach myself about it and see if i can find a way to do what i need.
Tahnks
