Set Security on fileattachment

Mahdi Kazemimehr asked on February 18, 2015 07:40

I created new page type that included File field.

My authenticated visitor users can submit new page type using user contribution.

I using repeater web part for show my page type on live site.

How can I set permission denied on downloadable file field for NOt authenticated users?

Note that Not authenticated user can see other fild of page type.

Correct Answer

Marek Fesar answered on February 24, 2015 17:15

Hi, correct me if I am wrong, but your users are able to submit new pages of your type, not new page types. You could achieve what you desire by setting a visibility condition on your File field (utilizing {% CurrentUser.IsAuthenticated |(identity)GlobalAdministrator%} macro expression for instance).

You are talking about permission denied on downloadable File field - the above will prevent the user who is not authenticated to see the field and if you are using a repeater to display the pages of your type, you might need to hide the File field in the transformation used by the repeater. Regrettably you can not set permissions on per field basis so if the user would know the link to the file, they would be able to access it. To prevent them from doing so, you would have to restrict the permissions for the whole page.

Hope this helps


Marek Fesar

0 votesVote for this answer Unmark Correct answer

   Please, sign in to be able to submit a new answer.