How to enable Anonymous Access to a blog site on your Office 365 public website
This has been plaguing the forums for weeks now .. if I had a pound for everytime I’ve seen someone complaining about blogs on Office 365 .. I’d have .. erm .. about £15 ..
But seriously, this is something that a lot of folks have been complaining about .. but no more! 🙂
One thing that definately surprised me is that you can set anonymous permissions through Sandbox Solutions! This means that we can write our own custom code to enable full anonymous access for comments, categories and posts 🙂 So I’ve done just that.
A link to download a Sandbox Solution can be found below. Just upload the WSP to your public website site collection, activate it, and drop the new “Hatch Solutions” web part onto the home page of your blog 🙂
NOTE: For those who aren’t interested in how this works, and just want the web part, you can grab the WSP package here.
This installs a Web Part. Place this webpart on the home page of your Blog site, and hit the big button… it should do all of the work for you.
Important: You don’t need to keep the webpart on there. Once you’ve checked it is working you can remove the webpart and remove the WSP from your Solution Gallery!
Regional Settings – There have been numerous reported issues regarding regional settings (as the code looks for lists called “Posts” and “Comments”). Currently this WSP only works when your SharePoint Site regional settings are set to English.
So what are we doing?
This is really quite simple. The SharePoint API exposes the list permissions for anonymous users through an SPList property called AnonymousPermMask64. This is an enumeration of SPBasePermissions values which effectively describe what access anonymous users have.
The reason this doesn’t work by default for anonymous users is because the “ViewFormPages” permissions is not included by default!
So our code is quite simple:
// get the “Comments” list
SPList list = SPContext.Current.Web.Lists[“Comments”];
// check if it has unique permissions
if(!list.HasUniqueRoleAssignments)
{
list.BreakRoleInheritance(true);
}
// make sure people can edit their own items
list.WriteSecurity = 2;
// grant permissions to anonymous users
list.AnonymousPermMask64 =
(SPBasePermissions.Open |
SPBasePermissions.OpenItems |
SPBasePermissions.ViewFormPages |
SPBasePermissions.ViewListItems |
SPBasePermissions.AddListItems);
list.Update();
So all we are doing there is granting some additional permissions (ViewFormPages, ViewListItems and AddListItems) for anonymous users. Then we just rinse-and-repeat for Posts and Categories (but remember to remove the “AddListItems” bit!! otherwise anonymous users would be able to create new blog posts!).
That’s it! I have a (short-lived) demo running on my current Office 365 site: www.hatchsolutions.co.uk/Blog/
Note – depending on how much spam and rubbish ends up on there, I will probably delete it sooner rather than later. I’ll try and remember to update this post after I have.
To make this easy for you I have built a Web Part which you can download and install (link at the top of this post) which does all of the work for you.
So that is all you should need .. happy blogging folks!! (all we need now is a decent blog template with things like CAPTCHA.. )