Securing Enterprise Custom fields on Project Detail Pages in #ProjectOnline #Project #PPM #PS2013 #Office365

<Tomato Soup>

One of the main configuration items with respect to Project Server / Project Online is the creation of project level Enterprise Custom fields and their layout on separate Project Detail Pages.  Assuming that you are not using workflow* then by default anyone with read access to the project can see all of the fields on the PDP, and anyone with with write access (obviously this includes the project owner) has the rights to change any of the fields at any time.

 

Securing Project Enterprise Custom Fields

Occasionally a customer wants to hide/secure certain custom fields, or wants them visible to everyone but only editable by the PMO team.  As it stands you can either write some javascript that runs on the PDP page to create this functionality, or you can use the audience feature within SharePoint to select who can see specific web parts; it’s this latter feature which this blog will investigate.

 

Example Customer Requirement

Budgets and cost fields often contain the type of data that needs to be protected, and in my scenario my customer only wants the members of the Portfolio Management Office (PMO Group) to be able to update the Budget and Cost fields, but they realise the value of all the project team members being able to view these fields.

In order to implement this requirement, we’re going to need to setup 4 ECFs, two that are used for display purposes only, and two that can be edited by the PMO.  Historically this duplication of ECFs would have caused us an issue due to the reporting limitations of oData, but Microsoft kindly fixed this (https://support.office.com/en-gb/article/Project-Online-software-boundaries-and-limits-5a09dbce-1e68-4a7b-b099-d5f1b21ba489) and we can now have up to 450  other custom field types (cost, date, duration, number, flag).

 

Setting up the ECFs

The 1st field I’ll set up holds the Updated Budget.  This field will be edited by members of the PMO only.  It’s just a normal Project level ECF of type cost.

image

Next, set up the Approved Budget field.  This field holds a copy of the Updated Budget which is set by using the formula

Approved Budget = [Updated Budget].

image

 

This field can be viewed by anyone with view access on the project.

I’ll also set up Current Cost, and Latest Cost in a similar way.  Current Cost = [Latest Cost]

 

Creating the PMO group who can edit Updated Budget and Latest Cost

 

From the default PWA page, use the gear icon to create a new group under Users and Permissions and then add the relevant users to this group.

 

image

 

SNAGHTML23010685

 

image

 

Setting up the Project Detail Pages

The trick here is to create a new PDP with containing two Project Web App Basic Info web parts.

image

 

Add them both to the page.  For the 1st web part, add in the read-only fields, and change the title to something appropriate (eg Cost Information)

The 2nd web part needs a little more work.

1. Add in the editable fields (eg Updated budget and Latest Cost)

2. Change the title to something appropriate (eg Updateable fields – only seen by the PMO Group)

3. Browse to the bottom of the Edit Web Part dialogue box, and expand the Advanced Tab.  Select the previously created group as the Target Audience.

 

SNAGHTML231fe0d6

 

Add the Project Detail Page to the Enterprise Project Type

This is well documented elsewhere… so I’ve just shown you the screen shot here…

image

 

Update the project as a user who is a member of the PMO Group

Open and edit the Project as a member of the PMO Group.  You can see both web parts, and you are able to edit the Updateable fields web part.  Note that of course I’m expecting these users to be a member of the relevant groups within Project Online.

 

image

 

View/edit the project as a user who is NOT a member of the PMO Group

Here I’m logged in a the user Rachel Hales, who has rights to edit the project but is not a member of the PMO Group.  Note how the Updateable fields web part is not displayed for her.

 

image

Easier than Javascript!

Enjoy,  Ben.


*workflow will only allow to specify during which stage a custom field is displayed and editable, it does not allow you to specify who can edit the field.