Here’s a SharePoint 2013 situation I’ve run into: you have items in a
list/library that cannot be viewed by anonymous users. You have some
search related web part such as a content search or search result web
part that is supposed to display these items. The problem I ran into is
that I wanted information about these items to be displayed in the
search result web part while ensuring that anonymous users cannot
actually view the items. For example, you may have a list of
publications that have a title, publication date and a body of content
(see see image).
In such a case, I want everyone to be able to see the title and the publication date, however I do not want anonymous users to be able to see the body. The search result web part (via the use of a display template) will only show the title and publication date. If they want to view the content of the item, they have to click on the search result to open it up at which point they will be able to either view the item if they are logged in, or be prompted to log in if they are currently anonymous. Out of the box, if you have a search web part trying to display data to two different types of users (anonymous and authenticated users), with the scenario described above, authenticated users will see results while anonymous users will see no results (see images below)
Now I’ve seen a few ways that supposedly fix this,and my last search for this issue led me to Soeren L. Nielsen solution for this particular issue. Not to say that his solution doesn’t work, but in my case it seemed that it didn’t work for SharePoint 2013. I found that the key to get this to work lies in the PowerShell script and altering the permissions for anonymous users. The PowerShell script provided in Nielsen’s solution shown below uses the AnonymousPermMask property and ViewFormPages enum:
$web = get-spweb “http://yoursiteurl/subweb/subsubweb”
$list = $web.Lists[“ListName”]
$list.BreakRoleInheritance($true)
$list.AnonymousPermMask = $list.AnonymousPermMask -bor ([int][Microsoft.SharePoint.SPBasePermissions]::ViewFormPages) #binary or adding the permissions
$list.Update()
In the case of 2013, I found that this works with the following changes
$web = get-spweb “http://yoursiteurl/subweb/subsubweb”
$list = $web.Lists[“ListName”]
$list.BreakRoleInheritance($true)
$list.AnonymousPermMask64= $list.AnonymousPermMask64 -bor ([int][Microsoft.SharePoint.SPBasePermissions]::AnonymousSearchAccessList) #binary or adding the permissions
$list.Update()
The two key changes are in bold here. The first is with AnonymousPermMask which according to MSDN is obsolete and you need to use AnonymousPermMask64. The second and probably key change is with the SPBasePermission enum. Rather than using ViewFormPages, you need to use AnonymousSearchAccessList which is described as “Make content of a list or document library retrievable for anonymous users through SharePoint search. The list permissions in the site do not change.”
Hope this helps anyone who ran into a similar challenge!
P.S. – Don’t forget to re-crawl your site after running the PowerShell script…
In such a case, I want everyone to be able to see the title and the publication date, however I do not want anonymous users to be able to see the body. The search result web part (via the use of a display template) will only show the title and publication date. If they want to view the content of the item, they have to click on the search result to open it up at which point they will be able to either view the item if they are logged in, or be prompted to log in if they are currently anonymous. Out of the box, if you have a search web part trying to display data to two different types of users (anonymous and authenticated users), with the scenario described above, authenticated users will see results while anonymous users will see no results (see images below)
Now I’ve seen a few ways that supposedly fix this,and my last search for this issue led me to Soeren L. Nielsen solution for this particular issue. Not to say that his solution doesn’t work, but in my case it seemed that it didn’t work for SharePoint 2013. I found that the key to get this to work lies in the PowerShell script and altering the permissions for anonymous users. The PowerShell script provided in Nielsen’s solution shown below uses the AnonymousPermMask property and ViewFormPages enum:
$web = get-spweb “http://yoursiteurl/subweb/subsubweb”
$list = $web.Lists[“ListName”]
$list.BreakRoleInheritance($true)
$list.AnonymousPermMask = $list.AnonymousPermMask -bor ([int][Microsoft.SharePoint.SPBasePermissions]::ViewFormPages) #binary or adding the permissions
$list.Update()
In the case of 2013, I found that this works with the following changes
$web = get-spweb “http://yoursiteurl/subweb/subsubweb”
$list = $web.Lists[“ListName”]
$list.BreakRoleInheritance($true)
$list.AnonymousPermMask64= $list.AnonymousPermMask64 -bor ([int][Microsoft.SharePoint.SPBasePermissions]::AnonymousSearchAccessList) #binary or adding the permissions
$list.Update()
The two key changes are in bold here. The first is with AnonymousPermMask which according to MSDN is obsolete and you need to use AnonymousPermMask64. The second and probably key change is with the SPBasePermission enum. Rather than using ViewFormPages, you need to use AnonymousSearchAccessList which is described as “Make content of a list or document library retrievable for anonymous users through SharePoint search. The list permissions in the site do not change.”
Hope this helps anyone who ran into a similar challenge!
P.S. – Don’t forget to re-crawl your site after running the PowerShell script…
0 comments:
Post a Comment