Restricting Who Can Add Specific Web Parts to a Page
18 December, 2008
Restricting Who Can Add Specific Web Parts to a Page
Sometimes you want to restrict who can add a specific web part to a page. Maybe it can access sensitive information, or it can be connected up in a dangerous way, or even it places too much load on your server and you only want it in one place. Well the good news is that you can limit exactly who has access to add particular web parts to pages in SharePoint 2007 using the standard method of setting permissions. The web parts are kept in a list in SharePoint so you can use the normal list setting permissions to limit access.
You need to remove permissions to the web part itself. The process is
1. From any site settings go to the top level site setting.
2. Open up the web part gallery.
3. Click the edit button for the web part you want to limit permissions to.
4. Click Manage Permissions from the edit page.
5. You will then see a standard Manage Permissions page. As with any permissions on a list, you will first need to break inheritance. Then set up the permissions so that the users you don’t want to be able to add the web part, don’t have any permissions on it at all, either directly or via a group membership.
Note: These permissions only affect being able to add the web part to a page and modifying the actual web part entry in the list. Once the web part has been placed on a page, these permissions are not used, the site permissions then control who can edit properties and delete the web part from the page. So you still need to consider the page level permissions carefully.