Hide "Site Actions" for the anonymous users (The easy way)

Often you need to let anonymous users add information to part of your site (e.g. a feedback list) without giving them any further privileges. That is easy: edit the permissions for your list and give anonymous users the permission to add or edit. All is fine, except that when users open the new item form (normally called NewForm.aspx) the “Site Actions” dropdown is enabled, with the action “View All Site Content”. They can click this and see the entire site content page, “*/_layouts/viewlsts.aspx”. They might not see anything they are not permitted to see, but it is annoying. There is logic inside SharePoint technologies for this behavior, but it does not seem valid on a public-facing website for anonymous users.

Do not worry; there is a solution for this, and it is easy. Wrapping the menu in a SharePoint:SPSecurityTrimmedControl object in your master page solves it, so let’s do it step by step.

First, create the permission level appropriate for the users who should see the “Site Actions” dropdown. Go to “Site Permissions” from the site collection root and, from the settings dropdown, choose “Permission Levels”:

You can create a new permission level, or you can open “Contribute”, click “Copy Permission Level” as I did, and then give your new level a name such as “My Permission”. By default it takes all the permissions in the “Contribute” level. I added two permissions that my users need in order to control the site: “Manage Site” and “Add and Customize Pages”, from the “Site Permissions” section.

I created a new group, “My Group”, and added all the users who will control the site. Then, on the “Site Permissions” page, I assigned this permission level to the group:



Now go to the master page you use and look for the “Site Action” code, it might look like this:

<span class="siteActionMenu">
         <PublishingSiteAction:SiteActionMenu runat="server"/>
</span>

Or like this:

<SharePoint:SiteActions runat="server" AccessKey="<%$Resources:wss,tb_SiteActions_AK%>" id="SiteActionsMenuMain"
         PrefixHtml="<div><div>"
         SuffixHtml="</div></div>"
         MenuNotVisibleHtml=" ">
   ........ other custom code .........
</SharePoint:SiteActions>

Now add this code to contain the “Site Actions” object:

<SharePoint:SPSecurityTrimmedControl ID = "spstcSiteActions" runat = "server" PermissionsString = "ManageWeb" >
……your site actions object ……
</SharePoint:SPSecurityTrimmedControl>

Your code will look like this:

<SharePoint:SPSecurityTrimmedControl ID = "spstcSiteActions" runat = "server" PermissionsString = "ManageWeb" >
<span class="siteActionMenu">
<PublishingSiteAction:SiteActionMenu runat="server"/>
</span>

</SharePoint:SPSecurityTrimmedControl>

Or like this:

<SharePoint:SPSecurityTrimmedControl ID = "spstcSiteActions" runat = "server" PermissionsString = "ManageWeb" >
<SharePoint:SiteActions runat="server" AccessKey="<%$Resources:wss,tb_SiteActions_AK%>" id="SiteActionsMenuMain"
PrefixHtml="<div><div>"
SuffixHtml="</div></div>"
MenuNotVisibleHtml=" ">
........ other custom code .........
</SharePoint:SiteActions>
</SharePoint:SPSecurityTrimmedControl>
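
To confirm that a master page really has the wrapping shown above, the check can be scripted. The following Python script is an added example, not part of the original post: it scans markup for the two Site Actions controls shown above and reports the PermissionsString of the enclosing SPSecurityTrimmedControl, if any. The function names and the sample markup are constructed for illustration.

```python
import re

TRIM = "sharepoint:spsecuritytrimmedcontrol"

# Quoted attribute values may contain '>' (e.g. PrefixHtml="<div><div>"),
# so the attribute part consumes whole quoted strings.
TAG_RE = re.compile(
    r'<(/?)(SharePoint:SPSecurityTrimmedControl|SharePoint:SiteActions|'
    r'PublishingSiteAction:SiteActionMenu)\b((?:"[^"]*"|\'[^\']*\'|[^>"\'])*)>',
    re.IGNORECASE)
PERM_RE = re.compile(r'PermissionsString\s*=\s*["\']([^"\']*)["\']', re.IGNORECASE)

def audit_master_page(markup):
    """Return (tag, line, guard) per Site Actions control; guard is the nearest
    enclosing non-empty PermissionsString, or None when there is none."""
    findings, guards = [], []
    for m in TAG_RE.finditer(markup):
        closing, name, attrs = m.group(1), m.group(2), m.group(3)
        if name.lower() == TRIM:
            if closing:
                if guards:
                    guards.pop()
            elif not attrs.rstrip().endswith("/"):
                perm = PERM_RE.search(attrs)
                guards.append(perm.group(1).strip() if perm else "")
        elif not closing:
            line = markup.count("\n", 0, m.start()) + 1
            guard = next((g for g in reversed(guards) if g), None)
            findings.append((name, line, guard))
    return findings

def unguarded(markup):
    """Site Actions controls with no PermissionsString guarding them."""
    return [f for f in audit_master_page(markup) if f[2] is None]

# Constructed sample markup: the unwrapped and wrapped forms shown above.
BEFORE = '''<span class="siteActionMenu">
  <PublishingSiteAction:SiteActionMenu runat="server"/>
</span>'''
AFTER = '''<SharePoint:SPSecurityTrimmedControl ID="spstcSiteActions" runat="server" PermissionsString="ManageWeb">
<SharePoint:SiteActions runat="server" AccessKey="<%$Resources:wss,tb_SiteActions_AK%>" id="SiteActionsMenuMain"
  PrefixHtml="<div><div>" SuffixHtml="</div></div>" MenuNotVisibleHtml=" ">
</SharePoint:SiteActions>
</SharePoint:SPSecurityTrimmedControl>'''

if __name__ == "__main__":
    for label, page in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_master_page(page))
```
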

Now you are done. “Site Actions” will appear only for the users who have the “Manage Site” permission. If you would like users with fewer permissions to see “Site Actions”, you can change or add permissions in the “PermissionsString” property, for example PermissionsString="ManageLists" or PermissionsString="ManageWeb, ManageLists". For all the available permissions you can add and assign to users, see the following table:

List Permissions

ManageLists
CancelCheckout
AddListItems
EditListItems
DeleteListItems
ViewListItems
ApproveItems
OpenItems
ViewVersions
DeleteVersions
CreateAlerts
ViewFormPages

Site Permissions

ManagePermissions
ViewUsageData
ManageSubwebs
ManageWeb
AddAndCustomizePages
ApplyThemeAndBorder
ApplyStyleSheets
CreateGroups
BrowseDirectories
CreateSSCSite
ViewPages
EnumeratePermissions
BrowseUserInfo
ManageAlerts
UseRemoteAPIs
UseClientIntegration
Open
EditMyUserInfo

Personal Permissions

ManagePersonalViews
AddDelPrivateWebParts
UpdatePersonalWebParts