Filter search results based on user

Question

Is it possible to refine or display search results based on user authorization. Suppose if a user is part of a custom SharePoint group, he/she can view certain results. If not, the search results are omitted. Thanks in advance.

Or may be is it possible to create a search site which has access to only certain authorized group. I have MOSS 2007 as my environment.

---

UPDATE Here's a more elaboration to my scenario. I am allowing all users to contribute to a list and filtered displaying items only that are created by them with the help of views. There is a custom SharePoint group that is allowed to view all items as they are admins. I want that when a normal user does a search on the site, he/she should either not be able to see any items from the list or his/her own items. But when an admin searches for an item, they can see all search relevant results. For achieving this I created a custom permission level called "Contribute Only" and gave only access to add/update/delete items and disabled creating views. Will this scenario allow admins to search all items while restrict users. I do not think so since we are just restricting users to view items at the view level. Thoughts?

Answer 1

When properly configured, the user's authorization is factored into search results in a process called Security Trimming. Here is a good TechNet article that provides an overview: http://technet.microsoft.com/en-us/library/cc263520(office.12).aspx

Here is some info on configuring search for MOSS 2007: http://technet.microsoft.com/en-us/library/cc262700(office.12).aspx

Answer 2

Assuming that the Search is for SharePoint content (sites, lists or list items), the users in the group will not see the content in search results for which they don't have permissions. So you can fine tune the permissions on SharePoint content so that only authorized users see items in search results. This kind of security-trimming is provided out-of-box by Moss.

There is a exception to this behavior if you have lists or libraries with item-versions set to On. In this case, users may see draft items in search results even if they are not authorized to view drafts. To fix this, you can implement a custom security trimmer as mentioned here

Answer 3

I believe Ashish has understood the method of security trimming, but he is confused on how it can be applied on the current situation.

If I have understood correctly, you can acheive this by implementing 2 lists, the first one with permissions to all and the second one with just permission for the admin group. Once the list item in the first list becomes edited to a certain status by the normal user, move it to the second list using a simple workflow in SPD. And when a normal user tries to search, any item moved to the second list wont be available since its security trimmed and only the admin people could get that. This would be handled automatically by SharePoint.

Try out and check if this solution fits your need.

Answer 4

Unfortunately you can't customize search webparts in MOSS 2007, consider upgrade to SharePoint 2010 to better search customizations or create custom webpart.

Another option to trim search results - create custom security trimmer. http://msdn.microsoft.com/en-us/library/aa981563(v=office.12).aspx But it's very limited solution.