Forum Discussion

Shibu Mathew's avatar
Shibu Mathew
Copper Contributor
Jan 03, 2018

Assign multiples users to read and edit a item

Am creating a list in Sharepoint online and would like to restrict users to view and edit item.

 

For each item created in the list, I would like to assign multiple users to a item. So only the user's  who are assigned to the item can read and edit the item.

 

I have tried enabling Target Audience in the list setting and have assigned sharepoint group to the target audience field for each item. But still all the users are able to see all the items.

 

Is there a way to assign set of users to item in the list ?

  • While I don't recommend it, what you have to do is to break security at the item leve...since this is something you might want to do in an automatic fashion, I would recommend you to take a look to the possibilities that Webhooks and Flow can give you
    • Shibu Mathew's avatar
      Shibu Mathew
      Copper Contributor
      Do you have any prototype to show how this can be achieved ?
      • Russell Gove's avatar
        Russell Gove
        Iron Contributor

        heres an example using pnp-js-core:

        // get the role definitions
        await pnp.sp.web.roleDefinitions.get().then((roleDefs) => {
        this.addMessage("got roledefinitions");
        roleDefinitions = roleDefs;
        return;
        }).catch(error => {
        debugger;
        this.addMessage("<h1>error fetching roledefs</h1>");
        this.addMessage(error.data.responseBody["odata.error"].message.value);
        console.error(error);
        return;
        });
        // get the site Groups
        await pnp.sp.web.siteGroups.get().then((sg) => {
        this.addMessage("got Site Groups");
        siteGroups = sg;
        return;
        }).catch(error => {
        debugger;
        this.addMessage("<h1>error getting site groups</h1>");
        this.addMessage(error.data.responseBody["odata.error"].message.value);
        console.error(error);
        return;
        });

         

        // Setup security on the library. First, break role inheritance
        await list.breakRoleInheritance(false).then((e) => {
        this.addMessage("broke role inheritance on " + library["Title"]);
        }).catch(error => {
        debugger;
        this.addMessage("<h1>error breaking role inheritance on library " + library["Title"] + "</h1>");
        this.addMessage(error.data.responseBody["odata.error"].message.value);
        console.error(error);
        return;
        });
        // second , add the library-specific group
        let group = find(siteGroups, (sg => { return sg["Title"] === library["EFRsecurityGroup"]; }));
        let principlaID = group["Id"];
        let roledef = find(roleDefinitions, (rd => { return rd["Name"] === "Content Authors without delete or modify"; }));
        let roleDefId = roledef["Id"];
        await list.roleAssignments.add(principlaID, roleDefId).then(() => {
        this.addMessage("granted " + library["EFRsecurityGroup"] + " read access to " + library["Title"]);
        }).catch(error => {
        debugger;
        this.addMessage("<h1>error adding role asisigment to library " + library["Title"] + "</h1>");
        this.addMessage(error.data.responseBody["odata.error"].message.value);
        console.error(error);
        return;
        });

         

        IIn this case I am assigning a group to a list, but the same nethod would be used to assign a user to a file/listitem. You would just need to get siteUsers instead of siteGroups.

Resources