In this blog post we can see how to block a User or User Group from Accessing a Share Point 2013 or Share Point 2010 site without disturbing the security permission. This Access Denied web part can also be configured to be used as an URL redirect web part by providing custom redirect URL as an input parameter.
Access denied web part has 4 custom properties which can be configured via web part properties page. The below are the details about the properties
Properties
Sl.No | Property Name | Remarks |
1 | UserNames | Accepts User names (login name) as comma separated Values |
2 | UserGroups | Accepts Share Point User Groups as comma separated Values |
3 | RedirectUrl | The URL to which the user has to be redirected after blocking the user. If left blank, the user will be redirected to default SharePoint Access Denied page. |
4 | BlockingMode | Can be set to UserGroup or UserName |
5 | IncludeSiteCollectionAdmin | If Un-Checked (Default state) , the blocking option set wont restrict Site Collection Admins from accessing this page. If you have to restrict Site Collection Admins too then set this property to true. |
The web part code file contains 2 core methods named as IsMemberOfUserGroup and isBlockedUser which blocks the individual users or all users under a particular SharePoint User Group or groups based on the blocking mode option selected. Find below the code snippet which validates User and User Group.
/// <summary>
/// Determines whether user is member of specified user groups.
/// </summary>
/// <param name="userGroups">The user groups.</param>
/// <returns>
/// <c>true</c> if [is member of user group] [the specified user groups]; otherwise, <c>false</c>.
/// </returns>
private bool IsMemberOfUserGroup(string userGroups)
{
if (string.IsNullOrEmpty(userGroups))
return false;
SPWeb web = SPContext.Current.Web;
string[] Groups = userGroups.Split(new string[] { "," }, StringSplitOptions.RemoveEmptyEntries);
if (Groups.Length == 0)
return false;
foreach (string item in Groups)
{
if (item.Trim().Length == 0)
continue;
int groupId = web.Groups[item].ID;
if (web.IsCurrentUserMemberOfGroup(groupId))
return true;
}
return false;
}
/// <summary>
/// Determines whether user account is blocked.
/// </summary>
/// <param name="userAccounts">The user accounts.</param>
/// <returns>
/// <c>true</c> if [is blocked user] [the specified user accounts]; otherwise, <c>false</c>.
/// </returns>
private bool isBlockedUser(string userAccounts)
{
if (string.IsNullOrEmpty(userAccounts))
return false;
string[] users = userAccounts.Split(new string[] { "," }, StringSplitOptions.RemoveEmptyEntries);
if (users.Length == 0)
return false;
SPUser usr = SPContext.Current.Web.CurrentUser;
if (usr == null || string.IsNullOrEmpty(usr.LoginName))
return true;
string loggedInUser = usr.LoginName.ToLower();
if (loggedInUser.Contains("|"))
loggedInUser = loggedInUser.Split('|')[1];
foreach (string user in users)
{
if (user.Trim().ToLower() == loggedInUser)
return true;
}
return false;
}
Leave a comment