I was asked to review a client environment yesterday to find out why the links in their top navigation bar were displaying for users that did not have permission to the particular sites.
It turns out that when sites were being created by the client on SharePoint Foundation 2010 they were being created without the ‘include on the top navigation bar’ check box ticked. As a result, the link was then not automatically added to the top navigation bar but instead later manually added and so was not security trimmed link.
It was then after removing permissions to the various sites that it became clear that users were able to see the top navigation bar link to the sites even though they did not have access.
Obviously, there are situations when users don’t have permissions to a site and you don’t want them to see that the site even exists. An example of this might be in an extranet scenario when you have third parties accessing project sites and you don’t want those third parties seeing the names of other project sites that may exist let alone the content…so how do we prevent this?
Identifying security trimmed links
By reviewing the URLs of the links in the top navigation bar I was able to identify whether the links were security trimmed or not. If the field for the URL is disabled then the link is security trimmed and most probably created when as the site was created.
Adding new security trimmed links
After identifying the problem, I then had to make the existing links security trimmed. I did this in two stages. The first was to make a note of the position of the link that needed to be replaced. I then deleted it from the top navigation bar using the ‘Top Link Bar’ site settings page (_layouts/topnav.aspx). The second stage was then to create the new security trimmed link by using the PowerShell code below.
Modify the $SPWeb and @(“Site Name”, “/sitename/default.aspx”) arguments as required and run the code for each of the top navigation bar links that need to be security trimmed. Remember the old link will need to be removed and the new one ordered as required.
It appears SharePoint, specifically SharePoint Foundation 2010 only honours security trimmed links in the top navigation when the links are created automatically as opposed to being created manually.
Note: this post specifically targets SharePoint 2010 Foundation which does not include the extended navigation that is included as part of the Publishing feature.
This morning I was trying to create a new style in the itemstyle.xsl stylesheet to use within the content query web part (CQWP). I needed a custom style to display a list of announcements, some of which had content and others didn’t and this style was to improve this output.
The problem is that the ‘Body’ column of an announcement or more importantly the ‘rich text’ field type is never really empty. Even when the column genuinely empty and has no rich text content, a hidden HTML element (a div) exists and acts as a wrapper for any content. As a result, if you try and use a typical ‘if equals null’ statement to hide the rich text column it won’t work because of this hidden element.
An empty rich text column on SharePoint 2010 always has 37 characters as shown below.
With SharePoint 2007 the rich text column has 65 characters when empty, again as shown below.
The solution, in the end, was to use the string-length function to determine if the rich text column was longer than the standard 37 characters on SharePoint 2010 as identified above.
To get a list of all the managed paths for a given web application we use the Get-SPManagedPath cmdlet as shown below.
Creating a new explicit path
Explicit managed paths only allow one site collection to be created at a specific path. An example of this is the root site collection of a web application which has an explicit managed path of “/” (https://sharepoint.jcallaghan.com).
To add a new explicit managed path to a web application we use the New-SPManagedPath cmdlet and include the -Explicit parameter.
Adding a wildcard managed path
Wildcard managed paths allow one or more site collections to exist at a specified path. This is the same as the default ‘sites’ managed path that we should all be familiar with (https://sharepoint.jcallaghan.com/sites/projectxyz).
To add a wildcard managed path we run the command as we did for an explicit managed path however we don’t include the -Explicit parameter.
Removing an existing managed path
There may be times when you need to remove managed paths. This can be done by running the Remove-SPManagedPath cmdlet and specifying the name of the managed path to be removed and what web application to remove it from. When removing a managed path you will be prompted to confirm the removal action – this can be silenced by adding -confirm:$false to the command.
Using the SPManagedPath nouns in PowerShell we can get a list of existing managed paths, create explicit or wildcard managed paths and also remove existing managed paths for a given web application.
When I write PowerShell scripts, I often want to step through sections. This allows me to decided whether to proceed with parts of my script or not. I achieve this by using the ChoiceDescription class as demonstrated below.
More information about using prompts in PowerShell can be found in the following article and tip on Microsoft TechNet.
Today I had a requirement to remove all the headings and links from the quick launch navigation of hundreds of SharePoint sites. The sites were being provisioned as part of a PowerShell deployment script that was deleting the default list and libraries. Going through each of these sites manually was not an option – so I edited the deployment script to include a function to remove the headings for me.
I remembered doing something similar to this back on SharePoint 2007 but I didn’t have access to the previous script or project and instead had to research the subject for a while to find what I needed.
A post from Get-SPScripts supplied me with what I was after, although it was part of a much larger script. So I picked away at their code and made it into the following PowerShell function to re-use in other projects.
The above Remove-SPQuickLaunchLinks function will remove all headings and links from the SharePoint quick launch for a particular site.