Ashok Raja's Blog
Block Users from accessing the Site in SharePoint 2013 by Access Denied Web Part
by Ashok Raja T 21. December 2012 22:56

In this blog post we can see how to block a User or User Group from Accessing a Share Point 2013 or Share Point 2010 site without disturbing the security permission. This Access Denied web part can also be configured to be used as an URL redirect web part by providing custom redirect URL as an input parameter.

Access denied web part has 4 custom properties which can be configured via web part properties page. The below are the details about the properties

Properties

Sl.NoProperty NameRemarks
1UserNamesAccepts User names (login name) as comma separated Values
2UserGroupsAccepts Share Point User Groups as comma separated Values
3RedirectUrlThe URL to which the user has to be redirected after blocking the user. If left blank, the user will be redirected to default SharePoint Access Denied page.
4BlockingModeCan be set to UserGroup or UserName
5IncludeSiteCollectionAdminIf Un-Checked (Default state) , the blocking option set wont restrict Site Collection Admins from accessing this page. If you have to restrict Site Collection Admins too then set this property to true.

wp settings

The web part code file contains 2 core methods named as IsMemberOfUserGroup and isBlockedUser which blocks the individual users or all users under a particular SharePoint User Group or groups based on the blocking mode option selected. Find below the code snippet which validates User and User Group.

 /// <summary>
 /// Determines whether user is member of specified user groups.
 /// </summary>
 /// <param name="userGroups">The user groups.</param>
 /// <returns>
 ///   <c>true</c> if [is member of user group] [the specified user groups]; otherwise, <c>false</c>.
 /// </returns>
 private bool IsMemberOfUserGroup(string userGroups)
 {
     if (string.IsNullOrEmpty(userGroups))
         return false;
     SPWeb web = SPContext.Current.Web;
     string[] Groups = userGroups.Split(new string[] { "," }, StringSplitOptions.RemoveEmptyEntries);
     if (Groups.Length == 0)
         return false;
     foreach (string item in Groups)
     {
         if (item.Trim().Length == 0)
             continue;
         int groupId = web.Groups[item].ID;
         if (web.IsCurrentUserMemberOfGroup(groupId))
             return true;
     }
     return false;
 }
 
 
 /// <summary>
 /// Determines whether user account is blocked.
 /// </summary>
 /// <param name="userAccounts">The user accounts.</param>
 /// <returns>
 ///   <c>true</c> if [is blocked user] [the specified user accounts]; otherwise, <c>false</c>.
 /// </returns>
 private bool isBlockedUser(string userAccounts)
 {
     if (string.IsNullOrEmpty(userAccounts))
         return false;
     string[] users = userAccounts.Split(new string[] { "," }, StringSplitOptions.RemoveEmptyEntries);
     if (users.Length == 0)
         return false;
 
     SPUser usr = SPContext.Current.Web.CurrentUser;
     if (usr == null || string.IsNullOrEmpty(usr.LoginName))
         return true;
 
     string loggedInUser = usr.LoginName.ToLower();
     if (loggedInUser.Contains("|"))
         loggedInUser = loggedInUser.Split('|')[1];
     foreach (string user in users)
     {
         if (user.Trim().ToLower() == loggedInUser)
             return true;
     }
     return false;
 }

Note : This post contains downloadable sample code for both SharePoint 2013 and SharePoint 2010.
blog comments powered by Disqus