Getting all current user’s SharePoint permissions groups in InfoPath 2010

Getting all current user’s SharePoint permissions groups in InfoPath 2010

I followed this great post by Jaliya Udagedara on how to get a current user SharePoint group name in InfoPath, but I needed something a bit different, first of all I was working with an InfoPath form library and not a customized SharePoint list form, secondly I had a scenario where I wanted to show or hide different sections of my InfoPath form to different users according to their permission group, while it’s possible that they belong to several groups. Getting all current user’s SharePoint permissions groups in InfoPath 2010:
The basic idea was that I published my InfoPath form as a content type and added this content type to several libraries, than I’d modified my form to include submit data connections to each library.
Afterwards I’d added several buttons each of them submitting the form to a different library, each button is visible only to users belonging to the corresponding library’s permissions group, or to administrative users that are able to choose the library they wish to submit the form to.

So in order to get all of the current’s user permission groups in an InfoPath text field, follow Jaliya’s post up until step 5 (not including).
Then go to Data -> Form Load and create these 2 actions:

Add 2 Form Load actions

Add 2 Form Load actions

1. Set a field’s value: set the ‘userLoginName’ field on the GetGroupCollectionFromUser data connection (make sure you update this field under the connection’s queryFields group and not under the dataFields group where there is a field with the same name), set its value with the value returned by the GetUserProfileByName connection where – Filter (Name = “AccountName”).

Set a field's value: set the 'userLoginName'

Set a field’s value: set the ‘userLoginName’

Filter GetUserProfileByName Value

Filter GetUserProfileByName Value

2. Query for data the GetGroupCollectionFromUser data connection.

Query Data Connection

Query Data Connection

Create a new text field (I’ve named it CurrentUserPermissionGroups but you can name it anything you’d like), set its default value to contain this formula –
eval(eval(Group, ‘concat(@Name, “;”)’), “..”)

You can copy and paste this formula in to your text field’s default value formula, and then just re-select your group from your GetGroupCollectionFromUser data connection like so –

Update group from GetGroupCollectionFromUser in Formula

Update group from GetGroupCollectionFromUser in Formula

That’s all! Now your field should show all of the current user permission groups (under the site collection of your data connections) –

All the current user's permission groups in InfoPath result

All the current user’s permission groups in InfoPath result

To hide or show fields simply add formatting rules checking if this field contains the group in question –

Formatting Rule Example

Formatting Rule Example


10 thoughts on “Getting all current user’s SharePoint permissions groups in InfoPath 2010

  1. The instructions worked for me, but I have a couple of question. When I have a question about editing the manifest.xsf. It looks like all future edits to the form needs to be made and published from the manifest.xsf. Correct? When I used these instructions on a form library that already had forms in it, the old forms did not show the CurrentUserGroups and when I removed a field from the updated form (manifest.xsf) the old forms in the form library threw correlation errors.

  2. In following Jaliya Udagedara post and then yours, I am unable to solve this User cannot be found.0x80131600 error. I’m using the enterprise version of SP2013 and Infopath 2013. My web application is claims based but our credential store is NLTM so I have to translate credentials as they come across from functions in infopath (like username()) to remove the “0#.w|” part of the credential (Susan Hernandez provides a simple example of this here:

    I do this whenever I’m querying the GetUserProfileByName web service and it works fine. When I pass this same credential (in the form of DOMAIN\username) to GetGroupCollectionFromUser I run into an error (User cannot be found.0x80131600 ). In the ULS logs, the name being passed to the service appears to be 0#.w|DOMAIN\username instead of in the form DOMAIN\username. I don’t understand how it’s not stripping off the “0#.w|” part of the credential. Is it possible that in the Jaliya Udagedara post, the service is automatically taking the current user’s credentials without allowing you to set the “userLoginName” parameter as stated in step 1 by the modifications that are made to the XML?

    • I had this exact same problem. Here’s what I found out. In SP2013 Enterprise (with Infopath 2013), the GetUserProfileByName web service cannot accept claims based credentials for the AccountName queryfield parameter. Therefore, you must strip the claims portion of the credential off before assigning it to the AccountName queryfield in the GetUserProfileByName web service.

      Now, in the GetGroupCollectionFromUser web service, the userLoginName queryfield parameter must be claims based. This is somewhat contradictory to what the GetUserProfileByName web service accepts.

      For instance, in order to get the GetUserProfileName web service to function properly you would assign the AccountName queryfield a value of substring-after(userName(), “0#.w|”).

      In the GetGroupCollectionFromUser web service to function properly, you would assign the userLoginName queryfield a value of userName().

      Hope this helps as I spent quite a bit of time determining this.

  3. great blog, great instruction

    but I get an error when i verify the formular:
    ‘eval’ is not a valid XSLT or XPath function.

    what can I do?

  4. when inserting the fomula

    eval(eval(Group, ‘concat(@Name, “;”)’), “..”)

    I am getting error

    eval(eval(xdXDocument:GetDOM(“GetGroupCollectionFromUser”)/dfs:myFields/dfs:dataFields/ns1:GetGroupCollectionFromUserResponse/ns1:GetGroupCollectionFromUserResult/ns1:GetGroupCollectionFromUser/ns1:Groups/ns1:Group, –>‘<–concat(@Name, “;”)’), “..”)

Leave a Reply

Your email address will not be published. Required fields are marked *

* Copy This Password *

* Type Or Paste Password Here *