Forum Discussion
Assign multiples users to read and edit a item
Am creating a list in Sharepoint online and would like to restrict users to view and edit item.
For each item created in the list, I would like to assign multiple users to a item. So only the user's who are assigned to the item can read and edit the item.
I have tried enabling Target Audience in the list setting and have assigned sharepoint group to the target audience field for each item. But still all the users are able to see all the items.
Is there a way to assign set of users to item in the list ?
- While I don't recommend it, what you have to do is to break security at the item leve...since this is something you might want to do in an automatic fashion, I would recommend you to take a look to the possibilities that Webhooks and Flow can give you
- Shibu MathewCopper ContributorDo you have any prototype to show how this can be achieved ?
- Russell GoveIron Contributor
heres an example using pnp-js-core:
// get the role definitions
await pnp.sp.web.roleDefinitions.get().then((roleDefs) => {
this.addMessage("got roledefinitions");
roleDefinitions = roleDefs;
return;
}).catch(error => {
debugger;
this.addMessage("<h1>error fetching roledefs</h1>");
this.addMessage(error.data.responseBody["odata.error"].message.value);
console.error(error);
return;
});
// get the site Groups
await pnp.sp.web.siteGroups.get().then((sg) => {
this.addMessage("got Site Groups");
siteGroups = sg;
return;
}).catch(error => {
debugger;
this.addMessage("<h1>error getting site groups</h1>");
this.addMessage(error.data.responseBody["odata.error"].message.value);
console.error(error);
return;
});// Setup security on the library. First, break role inheritance
await list.breakRoleInheritance(false).then((e) => {
this.addMessage("broke role inheritance on " + library["Title"]);
}).catch(error => {
debugger;
this.addMessage("<h1>error breaking role inheritance on library " + library["Title"] + "</h1>");
this.addMessage(error.data.responseBody["odata.error"].message.value);
console.error(error);
return;
});
// second , add the library-specific group
let group = find(siteGroups, (sg => { return sg["Title"] === library["EFRsecurityGroup"]; }));
let principlaID = group["Id"];
let roledef = find(roleDefinitions, (rd => { return rd["Name"] === "Content Authors without delete or modify"; }));
let roleDefId = roledef["Id"];
await list.roleAssignments.add(principlaID, roleDefId).then(() => {
this.addMessage("granted " + library["EFRsecurityGroup"] + " read access to " + library["Title"]);
}).catch(error => {
debugger;
this.addMessage("<h1>error adding role asisigment to library " + library["Title"] + "</h1>");
this.addMessage(error.data.responseBody["odata.error"].message.value);
console.error(error);
return;
});IIn this case I am assigning a group to a list, but the same nethod would be used to assign a user to a file/listitem. You would just need to get siteUsers instead of siteGroups.