Recently I came accross a instance where the user did not want to see the View All Site content link above the quick links. Can’t blame him. After making the UI look as business friendly as possible, clicking on the View All Site Content would spit out a list of document libraries and lists categorized according to the technical implementation, very useful for a site administrator, but making no sense to the average business user.
So I decided to put in a bit of security trimming in the masterpage. By default the View All Site Content link is within the tag <Sharepoint:SPSecurityTrimmedControl runat=”server” PermissionsString=”ViewFormPages”> meaning that as long as Tom Jones has the permission to view form pages, he would he would view this link. Changing the PermissionString attribute to ManageWeb solved this problem, thus making sure that only the Admin could see this.
So what are the other valid options for PermissionString? Here they are thanks to Zac Smith who got them out from a reflected SharePoint DLL
So how do I determine which groups have these permissions? Simple; Go to Site Permissions and on the settings button select permission levels
Select on the group for which you want to check the permission level and there it is.