Sharing the same EditForm between different roles

I recently had a client that wanted to show some fields in a form for end users as read only, while Managers, taking a decision, should be able to edit the same fields, all using the same EditForm.aspx.

Ok, so how did I go around getting this to work?

The Managers have Edit permission on the site, while end users have Contribute, this gives the Managers the list permission “Manage Lists”, which end users lacks.

First thing I did was to fire up SPD locating the list and create a new EditForm, let’s call it EditForm2.aspx.
I also created a new DispForm, called DispTrash.aspx (so that I know it should be deleted when I had finished my work).

In your EditForm, locate the top-most field that should be editable to managers, Before its starting <tr> add this:

    <SharePoint:SPSecurityTrimmedControl ID="SPSecurityTrimmedControl1" runat="server" AuthenticationRestrictions="AuthenticatedUsersOnly" Permissions="ManageLists" PermissionContext="CurrentSite">
    <table class="trimmedContent">

Here will the fields be listed…

After the last field’s end tag </tr> add this:


So we are wrapping the fields with a Security Trimmed Control and a table. this will give the result that the code inside this Control will be hidden for end users.

Now, right after this end tag of the Security Trimmed Control add this:

    <table class="notTrimmed">

Let’s open DispTrash.aspx in SPD, locate the same fields that you wrapped inside this Security Control. Copy the rows and make sure you get the starting <tr> of the first field and ending </tr> of the last field, so that the HTML don’t get messed up.
Paste this code right after this table’s starting tag.
After the last field’s ending tag </tr>, add this:

</table>, to close this table.

Ok, so what do we have this far?

  1. We have two sets of the same fields, where some are editable and the others are display only.
  2. The editable fields are wrapped in a Trimmed Control and will only be shown for users with ManageLists permissions.
  3. This means that the table with the class “trimmedContent” only will be visible to Managers.
  4. And Managers will see both these sets of fields…this must be taken care of!

Locate this row:
<asp:Content ContentPlaceHolderId="PlaceHolderAdditionalPageHead" runat="server">

Add this code right after this row:

// Hide display fields if security trimmed table exists
if ( $( ".trimmedContent" ).length ) {
    $( ".notTrimmed" ).hide();

This code will check if the table with the class of “trimmedContent” is present. If it is, it means that the user is a Manager and we choose to hide the table that contains the display only fields.

Mission accomplished!

My hope is that this will help someone.



Leave a comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s