Here’s the requirement. I have a forms library to which all users must be able to submit forms. Once the incident report is submitted, users should only be able to see their own forms.
There are 7 classifications of “incidents”. These incident codes and the primary person responsible for handling them are in a separate SharePoint list.
Additional requirements: the forms cannot be moved to another forms library.
Here’s what I’ve tried so far.
On the actual form library page, I have the My Documents view set as the default view. I’ve disabled the save this view and view selector menu in the Miscellaneous section of the Edit Web Part section.
I added a second web part of the library to the page and set target audience to the VP & Facilities manager who need access all forms… this web part has the All docs view.
However, I began to wonder if it would be better to create a Web part page to show these views. So on the first page add 4 web parts. the first web part is the form library with My Documents view using the current user filter (2nd web part) to display forms only to the logged in user. I then added a 3rd web part (the All Documents view of the forms library) and connected it to a SharePoint List Filter web part. This filter uses the external list containing the Incidents codes and the person responsible for each code. The filter user the Incident code field from the list (the user can select it right now), and the library is then filtered to only show forms of that Incident Code.
What I’m wondering is how to set the audience on the 3rd/4th web part? If the incident code is Employee Accident for instance, only the worker’s comp rep from HR and the VP for Admin Services should see these forms. I can create SharePoint groups for each incident code which could be used for Audience targeting.
Would it be better to create a separate web part page for each group? or is there a way to conditionally target the result based on the Incident Code selected? (it would need to be OOTB or maybe using JS link as I am not a developer and don’t have access to one).
Any thoughts/assistance would be greatly appreciated.
?width=750
Okay didn’t realize I could do that – thought if I turned off folders they were off for me too. Good to know there. When you say create them manually are you meaning through PowerShell or can I still do it through the GUI?
I know I don’t have that library indexed, intentionally. As a general practice, if I’m planning to restrict view of forms in a forms library, I don’t have it indexed.
Yes, I knew that views didn’t actually security trim the library. That was why I created the webpart page that does have restricted permissions (to the SharePoint Group). The form library web part is audience targeted to the SharePoint Group. Is there something more I need to do on the web part page to have it properly security trimmed?
In this scenario, you would be controlling that yourself. Disallow folder creation. Create the ones you want manually for each set of permissions. Have workflow put the form where it needs to be based on what they enter. Just using views, you will not have true security-trimming. They would show up in search if that library is being indexed.
yeah, since I’m trying to break users from the folders happen, I don’t think I really want to go there.
We had a logistical nightmare migrating content from 2007 to 2013 because we had one group that had nested folders 5 or 6 layers deep with names that read like sentences. I had to restructure the libraries in 2007 and add metadata before I could migrate the content. Don’t want to go through that again!
This link seems to suggest that using folders with InfoPath forms is possible. Not sure if it’s recommended, though (beyond the usual reasons for not using folders.)
It’s a Forms Library, so I’m not sure about folders? Wouldn’t that cause issues with the submission of the InfoPath form? I’ve never used folders on any of my Forms libraries before, so I’m not really sure.
The reason for 1 library is that folks are paranoid from our 2007 experiences with moving data. Since there is no approval process to lose the workflow history on by moving the form, that probably would be the best way to do it. Just trying to provide what the “users” want.
Technically the forms are not “approved”. The user submits a form. the workflows fires and sends an email to the defined person (defined in the workflow using the Incident Type list). Workflow ends. Nothing else is done with the Form itself other than the various groups (police dept, facilities, admin services) pull reports to Excel on # of incidents by type, by campus for various federally mandated reports.
You’ve given me some things to think about though, Paul. As you always do!
