The issue we see is that if you cancel a document check-out and you had changed a department (which has different security), the document permissions are not updated/changed back to the previous published version's permissions. What is happening is that if you cancel a check-out, the event handler does not fire, and we see no way to make it fire when you do this (yet). The event handler is changing the security of the published version (i.e. document v1.0) as soon as we change the department, when it should only change the security on document v1.1 (which is now in draft mode). Then when we cancel a check-out the security would be correct, but EH2 is changing security on both versions.
Edit
We are using 2010. I realize that security and check in/out are two separate functions, but the problem we are having is when we edit a document it forces a check out (versioning turned on). When that edit happens we have an event handler that fires and changes the document permissions based on a metadata column for the document.
Here is the whole process:

1. Upload a new document.
2. Assign metadata (one column indicates what permissions to assign the document).
3. The document permissions now programmatically are set to be unique. Now the document has unique permissions based on the column choice noted above.
4. Then a user can change the document permissions by changing the metadata column.

If versioning/checkin/checkout is not on, this works fine. With the checkin/checkout and versioning on, all versions of the document permissions change, including the published version and the draft version. Then if they cancel the checkout the document metadata goes back to the correct version, but the permissions do not get changed back, as there is nothing to fire off the itemupdate event that was used to change the permissions.
We are looking for a way to have it reapply the permissions based on the current published version when this happens or to keep the permissions unique to each version since SharePoint sees them as separate documents.
So for example a document could have a draft version with one set of permissions and a published version with another set of permissions until the draft gets approved.
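
One way to cover the cancelled check-out case described above, as an added example that is not part of the original post: `SPItemEventReceiver` also exposes `ItemUncheckedOut`, which runs after a check-out is discarded, so the permissions can be re-derived from the restored metadata. SharePoint keeps a single ACL per list item rather than per version, which is why the draft and published versions share it. The column name, the department-to-group mapping, the Reader role and the receiver's right to manage permissions are assumptions.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.SharePoint;

// Added example: re-apply item permissions from the metadata that is current
// after a check-out has been discarded. Names below are assumptions.
public class DepartmentSecurityReceiver : SPItemEventReceiver
{
    private const string DepartmentColumn = "Department"; // assumed column name

    // Assumed mapping from the department value to an existing site group.
    private static readonly Dictionary<string, string> GroupByDepartment =
        new Dictionary<string, string>
        {
            { "Finance", "Finance Readers" },
            { "HR", "HR Readers" }
        };

    // Runs after "Discard Check Out", once the fields are back at the last checked-in version.
    public override void ItemUncheckedOut(SPItemEventProperties properties)
    {
        base.ItemUncheckedOut(properties);
        SPListItem item = properties.ListItem;
        if (item == null) return;

        string department = Convert.ToString(item[DepartmentColumn]);
        string groupName;
        if (!GroupByDepartment.TryGetValue(department, out groupName))
            return; // unknown value: leave the ACL untouched rather than guess

        bool firing = EventFiringEnabled;
        EventFiringEnabled = false; // do not trigger other receivers from here
        try
        {
            if (!item.HasUniqueRoleAssignments)
                item.BreakRoleInheritance(false);
            // Drop whatever the draft edit granted before re-granting.
            for (int i = item.RoleAssignments.Count - 1; i >= 0; i--)
                item.RoleAssignments.Remove(i);

            SPWeb web = item.Web;
            SPRoleAssignment grant = new SPRoleAssignment(web.SiteGroups[groupName]);
            grant.RoleDefinitionBindings.Add(web.RoleDefinitions.GetByType(SPRoleType.Reader));
            item.RoleAssignments.Add(grant);
        }
        finally
        {
            EventFiringEnabled = firing;
        }
    }
}
```

The receiver has to be registered on the library for the `ItemUncheckedOut` event type alongside the existing update handler.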