Ever wanted item level security in SharePoint without the headaches? It’s easier than you might think.
Business Goal: Provide a personalized dashboard where application owners can confirm they still need the system access they have. This access review should be quick and easy, so limiting the display to only records they need would be great.
Technical Design: SharePoint custom list with a multi-person column (“team”) and view filter [Me] to display only your records. The multi-person column can hold any user in the User Information List of your site collection. If you don’t see someone’s name here you will need to first grant them permissions (i.e. Contributor) and then come back to edit. The permission grant will register their name into the site collection so you will see it in the drop down menu. Despite having multiple values the =[Me] filter works perfectly to match only records where the visitor’s name is listed. You can also use DataSheet edit mode here to fill down (or copy/paste) and update many records quickly. Generally on a project like this many records will have a common “team” of people to review.
- Create custom list with your columns plus a multi-person column “team”
- Grant site permissions
- Populate the list. For “team” select people who will see/edit their own records.
- Modify the default view, add filter “team=[Me]’”
- Test with a few pilot users
- Send one email with the link and everyone will see a personalized list when they visit.
NOTE: “security through obscurity” is not a best practice for highly sensitive or confidential data. If the data has a firm require to not be viewed by a third party you’ll want to implement SharePoint’s true item level security feature. http://www.codeplex.com/SPDActivities has a great action step for granting security that can help automate to create a sustainable and reliable security enforcement. (thanks to @unclepaul84)
Video Walkthrough (03:39)
How to build the sample list in full step-by-step video with a demo of the final working product.