Haaron Gonzalez – Blog in English Rotating Header Image

Prevent Document Download in SharePoint Online

Good day colleagues, wanted to share with you all how to configure a document library that doesn’t allow users to download his content. In our scenario here is to expose a document library to a group of people inside the company, but the requirement was that these people shouldn’t be able to download the content, this is just a document library for content consumption, no collaboration at all and of course read only for visitors.

It is simple to achieve the desired outcome because there is a permission already in the system that allows us exactly what we need, but it has some limitations that you should know first before you commit to deliver what business ask us to do.

As general understanding please read the following descriptions about the permissions already available in SharePoint, please read to the end because you will see what permissions makes sense for us to use.

  • Full Control – Has full control.
  • Design – Can view, add, update, delete, approve, and customize.
  • Edit – Can add, edit and delete lists; can view, add, update and delete list items and documents.
  • Contribute – Can view, add, update, and delete list items and documents.
  • Read – Can view pages and list items and download documents.
  • View Only – Can view pages, list items, and documents. Document types with server-side file handlers can be viewed in the browser but not downloaded.

Yes, the View Only permission gives us the required behavior. In other words, this permission allows us to visualize documents inside a browser (of course with the help of Office Web Apps or Office Online Server) and documents cannot be downloaded. The question here is: What are the documents we can visualize in the browser using Office Online Server? The answer is Only Office Documents and what Office Documents are we talking about? Word, PowerPoint, Excel.

This means that:

PDF or any other file type that is not an office document can be downloaded ☹

Let’s explore how to configure this:

  1. Create a security group that has the View Only permission
  2. Create and configure a document library
  3. Test with another user that the download is not possible

Let’s see it in action here in this video, since now, thanks for reading, thanks for watching, thanks for sharing.

Just make sure your Read List and Read Item operation in your ECT have the same fields

Had some fun during the weekend. Customer asked me to add 3 new fields to an existing External Contents Type hosted on a SharePoint 2010 farm. Simple right?

  • SQL Server
    • Modify the pre-production database and alter the table to create 3 new varchar fields
    • Add some dummy content to some records in pre-production farm
  • SharePoint Designer
    • Open the pre-production site collection and locate the External Content Type
    • Open the external content type look at the operations and update the fields including the new ones

After saving the changes I proceeded to test, and got an error, the view was not displaying the data and gave me a correlation ID, after running a Merge-SPLogFile powershell command this is what I got:

Error while executing web part: System.InvalidOperationException: The Finder ‘SiteCodesRead List’ cannot be found in ViewGroup associated with SpecificFinder (Read Item) operation ‘SiteCodesRead Item’ in EntityNamespace ‘http://preportal.zzzz.com/sites/it’, Entity ‘YYY_SiteCodes_IT_Master’.

What this wonderful error description was trying to tell me is:

Just make sure your Read Item and Read List operation in your ECT have the same fields you dummy

Will not charge the customer for the time I spent figuring out this issue

Boost companywide communication with Office 365 and SharePoint Online

More than ever before is clear what organizations intent to do with a successful SharePoint implementation. In my experience lots of companies try achieve better collaboration and communication experiences for their users. We use team sites template to create share-spaces or workspaces for people to collaborate with content and information securely and inside the corporate network, in the other hand, we use publishing sites that allows a better and more sophisticated content authoring experience and publishing features that any communication related department can use for share company wide information accessible to everyone in the network.

As everybody know, Office 365 and SharePoint Online are evolving rapidly, innovation happens fast and get deliver so frequented now, instead of us waiting for a new version release of SharePoint every 3 years.

Today Microsoft started the release of Communication sites to Office 365 customers, so what does this mean?

Communication sites are a special type of site that already has a set feature to boost companywide communication, they already support events, news and other content responsive out of the box. So, no need to pay consultant any more to build beautiful and responsive intranet home pages with carousel web parts or content rollups on top of a publishing site.

Plan and use Communication site to:

  • Make your home page and sub-pages look great
  • Continue the discussion in context to ensure reach, retention and engagement
  • Dynamically pull in and display data, documents and information via web part improvements

Instead of me repeating what is already publish by Microsoft, I leave you the link to the official announcement. After reading this announcement ask yourself. Do you need help planning and adapting your existing Office 365 customizations and publishing investments to this new model?

Microsoft Forms, want to give it a try?  Here is a basic demo

Want to give a try to Microsoft Forms? Yesterday I created a Customer Satisfaction Survey demo to see at a glance the main features of this new technology now available for Office 365 commercial users. I was surprise to see how simple and slick the authoring experience is and of course love the final result. I can see so much power for specific set of scenarios. I just hope that Microsoft consider creating an API for allowing developer build forms and quiz programmatically as well as query the results.

I do see myself building risk matrix surveys (Survey Analysis for Evaluating Risks) for some O365 customers

Invoking User Profile Service when Selecting from People Picker in InfoPath

While supporting a customer on InfoPath development, he ask me how to retrieve data from a specific user using the Profile Web Service, but he want to invoke the service after selecting a user from a people picker control, problem was that the Action section in the people picker control was disable so he was asking why and how can we accomplish what he wants. I remember that I was able to implement same exact scenario a while back ago but didn’t remember how, so I did some basic research and this is what you need to do:

Step 1 – Create another field in the form of type Text (String) and make sure to set the default value equal to the people picker Account ID field, also it is critical to check the Refresh value when formula is recalculated check box control

Step 2 – Create an Action rule in the new text box control, this will get execute any time the people picker control change the continuing Account Id value

Essentially this as the actual concern, so now we are able to have a trigger action in order to query the User Profile Web Service.

Just use a Office 365 based credential when deploying programatically

So all people happy and kind of impress with Office 365 Pattern & Practices components, especially the ones that are related to Office 365, is so much easier and simpler the provision things up to SharePoint Online. Recently had to deploy some assets into SharePoint Online, I did use Office 365 PnP as our deployment approach. Everything work just fine in our Office 365 Dev environment but as soon I got to customer tenant our deployment console app didn’t work as expected.

First I notice that customer had ADFS set up and the code when trying to authenticate was throwing the following exception:

Unhandled Exception: Microsoft.SharePoint.Client.IdcrlException: Unable to get ticket due to unknown error.
at Microsoft.SharePoint.Client.Idcrl.IdcrlAuth.GetServiceToken(String securityXml, String serviceTarget, String servicePolicy)
   at Microsoft.SharePoint.Client.Idcrl.IdcrlAuth.GetServiceToken(String username, String password, String serviceTarget, String servicePolicy)
   at Microsoft.SharePoint.Client.Idcrl.SharePointOnlineAuthenticationProvider.GetAuthenticationCookie(Uri url, String username, SecureString password, Boolean alwaysThrowOnFailure, EventHandler`1 executingWebRequest)
   at Microsoft.SharePoint.Client.SharePointOnlineCredentials.GetAuthenticationCookie(Uri url, Boolean refresh, Boolean alwaysThrowOnFailure)
   at Microsoft.SharePoint.Client.ClientRuntimeContext.SetupRequestCredential(ClientRuntimeContext context, HttpWebRequest request)
   at Microsoft.SharePoint.Client.SPWebRequestExecutor.GetRequestStream()
   at Microsoft.SharePoint.Client.ClientContext.GetFormDigestInfoPrivate()
   at Microsoft.SharePoint.Client.ClientContext.EnsureFormDigest()
   at Microsoft.SharePoint.Client.ClientContext.ExecuteQuery()
   at Microsoft.SharePoint.Client.ClientContextExtensions.ExecuteQueryImplementation(ClientRuntimeContext clientContext,Int32 retryCount, Int32 delay)
   at Microsoft.SharePoint.Client.ClientContextExtensions.ExecuteQueryRetry(ClientRuntimeContext clientContext, Int32 retryCount, Int32 delay)
   at BrandingCAN.Program.Main(String[] args) in projectpath\Program.cs:line 41

Did some research and perform several recommendations, but unfortunately didn’t work at all. So, at this moment I still don’t understand what to do to make my console app to authenticate to O365 with ADFS set up and account. But, I did manage to solve the issue just using an Office 365 based credential instead of an ADFS based credential, and that’s what I wanted to share here.

Whenever you deploying something programmatically to O365, please use O365 based credentials like “accountname@company.onmicrosoft.com” and Office 365 PnP and all SharePoint Client APIs will perform as expected.

 

BCS Limitatios to keep in mind

Have you wonder about the limitations of BCS in SharePoint 2010? Well Chakkaradeep Chandran a Program Manager from Microsoft SharePoint Development Team blog about it here on August 2010. As long customers require SharePoint 2010 support I will continue sharing information like this. So, please take a look:

BCS Limitations

Even though BCS is great and can do wonders when you want SharePoint 2010 to interact with your external systems or other LOB applications, it has its own limitations. Understanding these limitations will help you build good BCS solutions.

Below are some/all of the BCS/External Lists limitations:

  1. Workflows cannot be associated with external lists
    • However, you can use the external data columns and manipulate the external lists in a workflow
  2. No RSS feed support for external lists
  3. No REST based access for external lists
  4. LINQ to SharePoint spmetal.exe does not support external lists
  5. Cannot configure alerts for external lists
  6. Cannot export external list items to Excel (Export to Excel feature)
  7. Item-Level permissions is not available for external lists
  8. Versioning cannot be configured on external lists
  9. Item History is not available on external lists
  10. Datasheet view cannot be used in external lists
    • XSLT is supported though
  11. You cannot create a site column of type ‘External Data Column’
    • External data columns can be created only as list based columns and cannot be consumed in site level content types
  12. No Write support for BLOB
    • You cannot write back to BLOB fields using BCS unless you write your own method
    • You can access BLOB columns by defining a StreamAccessor method and presenting the external data via the BCS Data List web part by checking the Display stream fields property
  13. Ratings feature is not supported for external lists
  14. Metadata based navigation is not supported for External Lists

Some of the limitations are quite obvious as the data does not reside in SharePoint and it is not SharePoint’s responsibility on how the data behaves. SharePoint is here to just present the external data. That said, I do think some are not limitations, but Microsoft just didn’t have time to implement, like:

  1. RSS feed support
  2. External data site columns
  3. Export to Excel

If I have missed any limitations, please feel free to comment and I will add them to the list.

This post was originally published by Chakkaradeep Chandran here http://chakkaradeep.com/index.php/bcs-limitations/

How to copy the body of your email action in Workflow Designer using SharePoint Designer

This is for my friends and customers that still support SharePoint 2010 workflows and solutions using SharePoint Designer 2010. Have you been in the situation to re-create a SharePoint Designer 2010 workflow and notice that you cannot copy or paste the body of your Email actions forcing you to re-create your action from scratch? What a hassle.

Well, today I found a way that copy the content of your action attributes and with that simplify a little bit the experience of recreating Workflow Designer actions.

Step 1: Locate the Send Email action in your workflow and open the Properties window

SPD1

Step 2: Select the content of the Body attribute in the property window, right click and copy

SPD2

Step 3: in your new Send Email action open the Properties window

SPD3

Step 4: Click the “…” button

SPD4

Step 5: Paste the content of your clipboard

SPD5

Step 6: Click OK and just re-assign you lookup properties

SPD6

What happens when you accomplish your dreams? Well, you create new dreams

It’s time for me to close a cycle and move on to another endeavor in my career. For the last 3 years I have been lucky enough to work for Konica Minolta formerly known as Hershey Technologies. After Tom Castiglia, Arjay During and Neal Fischer believed in me and gave the opportunity for me to join the team I started engaging with existing/new customers, team members and SharePoint local community folks. I started little by little, building, gaining trust based on pure hard work and consistent outcomes. I was fortunate to partner with account managers and do pre-sale work that help us position our services and close so many deals that with the help of the team we were able to deliver value in a profitable way and consolidate strong/solid relationships with customers. After touching more than 55 customers, more than 74 projects during a 3 year span is time for me to say farewell.

I am extremely proud, grateful and lucky to have the chance to learn from everybody here and to grow professionally accomplishing things that once in my life where dreams and future visions of me. Even do, it’s hard to say goodbye to friends, this is something that I feel and know I need to do. Thanks Konica Minolta formerly known as Hershey Technologies team members, management and top executives for your patience and trust. Please continue taking care of our customers.

What happens when you accomplish your dreams? Well, you create new dreams. That’s why I am joining Slalom Consulting. This is a company with a high level consulting profile that I know is the right step for me to continue doing what I know and what I need to do to strive in bigger challenges and outcomes. I am so excited to join this team, so more histories to come in the future, new dreams and visions to conquer.

Thanks all for your friendship and partnership, sicerelly Haaron Gonzalez

How to display additional lookup data from another list in a Nintex Form

Let’s say that you have a lookup site column that you are using all over the place in multiple lists and sites under your site collection and you need to be able to display additional data from this important list in a Nintex form, there is a way fortunately.

By adding this site column into your content type or list the Nintex Form will identify field as a lookup control automatically and by using the lookup function you can query another list in the site collection and return data from it.

In this example, I have a Stores list, every store has a district number associated, so when I pick and choose a particular store number by using the lookup function I am able to return the district for the selected store.

lookup1

To understand how the lookup function determines what data to bring back, consider the following lookup function:

[code language=”css”]
lookup(“listA”, “ID”, 1, “Title”)
[/code]

This lookup will send a query to SharePoint, asking for list items within a list titled ‘listA’ and return the Title column value from any list items whose ID column value is 1.
Note: The match on the value is case-insensitive.

The lookup function does not support complex query construction; it determines what list items are included, as data to bring back, based on the filter column being an exact match to the value you specify. You can compose complex formulas with the formula builder if you need to build up a complex query, however be mindful that each lookup function will send an individual request to SharePoint for data.

So, in my example I just added a Calculated Value control in the Nintex form and configure the lookup runtime function like this:

[code language=”css”]
lookup("/sites/mysitecollection|mylist","ID",Store,"District")
[/code]

Notice that there is a “|” to point to a list in another site, in this case, the top level site using a relative URL Path, then delimit the list title with a pipe ‘|’ symbol. If your list exists under your current site just use the list title without the URL Path.

lookup2