The user interface improvements in SharePoint 2010 as a whole are truly amazing. Microsoft has brought this already impressive product leaps and bounds in terms of accessibility, standards, and usability. One thing you might be aware of is the new and quite useful “ribbon” control that appears by default at the top of every SharePoint 2010 master page. Here’s a sneak peek:
You’ll see this ribbon not only in the 2010 web interface, but also throughout the entire family of Office products coming out this year. Even SharePoint Designer 2010 makes use of the ribbon in a very flexible and useful way.
Hiding The Ribbon
In SharePoint 2010, the ribbon is used almost exclusively for content creation and site administration. It doesn’t make much sense to show the ribbon on a public-facing internet site (in fact, it can really retract from your site’s design when it appears), so you’ll probably want to hide the ribbon when users aren’t logged in. Here’s how it works:
<SharePoint:SPSecurityTrimmedControl PermissionsString="ManagePermissions" runat="server">
<div id="s4-ribbonrow" class="s4-pr s4-ribbonrowhidetitle">
<!-- Ribbon code appears here... -->
</div>
</SharePoint:SPSecurityTrimmedControl>
In your master page, find the SharePoint ribbon by looking for the line of code that begins with <div id=”s4-ribbonrow”>. Place the SPSecurityTrimmedControl code around your ribbon to conditionally hide it based on user permissions. In our example, we’ve hidden the ribbon from any user who doesn’t have the ManagePermissions ability, which is going to be almost any user short of a site administrator.
Other Permission Levels
You can specify different permission levels for the SPSecurityTrimmedControl, allowing you to configure exactly who can see the SharePoint 2010 ribbon. Basically, this control will hide anything inside of it when users don’t have the specified PermissionString. The available options include:
1. List Permissions
- ManageLists
- CancelCheckout
- AddListItems
- EditListItems
- DeleteListItems
- ViewListItems
- ApproveItems
- OpenItems
- ViewVersionsDeleteVersions
- CreateAlerts
- ViewFormPages
2. Site Permissions
- ManagePermissions
- ViewUsageData
- ManageSubwebs
- ManageWeb
- AddAndCustomizePages
- ApplyThemeAndBorder
- ApplyStyleSheets
- CreateGroups
- BrowseDirectories
- CreateSSCSite
- ViewPages
- EnumeratePermissions
- BrowseUserInfo
- ManageAlerts
- UseRemoteAPIs
- UseClientIntegration
- Open
- EditMyUserInfo
3. Personal Permissions
- ManagePersonalViews
- AddDelPrivateWebParts
- UpdatePersonalWebParts
You can use this control to hide anything in your master page or on related page layouts, so be sure to keep it in mind when you’re trying to hide/show things conditionally based on user permission.
The One Catch
You may notice that the login control (or welcome control) is actually inside the ribbon by default in SharePoint 2010. You’ll probably want to pull this control out of the ribbon and place it elsewhere on your page. Just look for the line of code that looks like this:
<wssuc:Welcome id="IdWelcome" runat="server" EnableViewState=”false”/>
Move this code out of the ribbon and into another location within your master page. Save your changes, check in and approve all files, and anonymous users will never know your site is built on SharePoint 2010!