Permissions required?

Jul 14, 2014 at 1:08 PM
I've setup a page with 4 instances of the web part running and our users can't browse the default webpage because they haven't got access to a few sites located within various site collections.

Is it possible to tweak anything so users access is enumerated and they only see sites they have access to rather than just getting Error: Access Denied and then can't view anything at all

I've used the LynxTree navigation on SP2010 and this was able to show a list of sites you had access to, but it's limitation was that it only looked at the site collection it was deployed in, it wasn' configurable to URL paths.

Jul 14, 2014 at 3:04 PM
Further to this it seems any standard user can't access a page with 1 web part on it and1 site collection in the web part (they've got full control to the underlyin site)

Have you seen any issues like this before? It looks to me like only farm/site collection admins can use this?

Jul 14, 2014 at 4:10 PM
Right, I have managed to get somewhere with this.

The security is trimmed on 1 web part that looks at http://myteams - it shows a few sites my test user has access to.

But when I add a second web part that points to http://myteams/sites/test - my test user doesn't have access to it but the actual page at http://myteams comes back as 'access denied'

Can anything be done to ignore/blank out webparts or sites a user hasn't got access to? I can't see how it trims for 1 webpart (that has multiple sites in) but causes access denied for the entire page when it doesn't have access to the other web part

Jul 15, 2014 at 3:44 PM
The code considers only sites that the current user have access to, but the user requires access to the root if I remember correctly.

You will see access denied if the user does not have access to the root of the web part.

Can you confirm this is the case?

If it is, modifying it is not a big deal and can be done in the code in a pretty simple way.
Jul 15, 2014 at 3:48 PM
Also, there is a property of the web part that request to show entire site collection.
If this is checked, the user will need permissions on the root site of the site collection.

I noticed there are a lot of possible memory leaks in the code, I will update it now to fix them and also to make sure if the user has no access, nothing will be shown instead of prompting for login / access denied error.
Jul 15, 2014 at 4:44 PM
Hi Matt,

Try to use version 1.0.08 I posted it just now with a few tweaks that should help your access denied situation.

Let me know!
Jul 16, 2014 at 10:37 AM
Hi Shai

Thanks for taking a look, I've deployed and it appears to be working as I have in mind!

I was hoping that the top level URL wouldn't show for a user if they didn't have access but I guess as you define the site URL in the WP properties it needs to display something.

So in some web parts where a user doesn't have access they see for example "Accounting Dept" but nothing underneath it (has 3 sites) but when they click on Accounting Dept they get access denied so this is probably the intended behaviour.

Thanks again :)