Item Level Permissions
We can enable Item-level Permission on a list so that only the creator will be able to read the item. For other users the item won't be displayed.
As an Administrator, you can go to the List, List Settings, then Advanced Settings to enable Item-level Permissions.
Testing from Browser Access
Create a new item as Site Collection Administrator or Site Owner User.
Now login as a different user who is just a contributor. You won’t’ be able to see the Admin item now.
Now create a new item.
Now login back as Administrator & you can see both the items.
Note: Site Collection Administrator or Site Owner can view all the used Items.
Testing from Code Access
Now let us see the Item-level Permission applies to Code Access as well. For this I am using CSOM Code with/without Network Credential class.
By default the code runs under Login User which is Administrator.
- static void Main(string[] args)
- {
- ClientContext context = new ClientContext("http://sharepoint");
- List list = context.Web.Lists.GetByTitle("Restricted Contacts");
- ListItemCollection items = list.GetItems(CamlQuery.CreateAllItemsQuery());
- context.Load(items);
- context.ExecuteQuery();
- foreach(var item in items)
- {
- Console.WriteLine(item["Title"]);
- }
- Console.ReadKey(false);
- }
Executing the code you can see both the items are displayed, since we are Administrator/Site Owner user now.
Now apply the contributor User Credential to test the User Context.
- ClientContext context = new ClientContext("http://sharepoint");
- context.Credentials = new NetworkCredential("sharepoint\\tim", "Welcome123");
This concludes that Item-level Permission applies to Code Access as well & Site Collection Administrators/Site Owners can view all items in both browser & code access scenario.
Note: Item-level Permissions is a great feature. Without this we would have required custom code to break the permission & assign permission to the created user.
References Summary
In this article we have explored Item Level Permissions & CSOM code with different User Contexts.