Hiding the SharePoint 2010 Ribbon From Anonymous Users

The user interface improvements in SharePoint 2010 as a whole are truly amazing. Microsoft has brought this already impressive product leaps and bounds in terms of accessibility, standards, and usability. One thing you might be aware of is the new and quite useful "ribbon" control that appears by default at the top of every SharePoint 2010 master page. Here's a sneak peek:

You'll see this ribbon not only in the 2010 web interface, but also throughout the entire family of Office products coming out this year. Even SharePoint Designer 2010 makes use of the ribbon in a very flexible and useful way.

Hiding the Ribbon

In SharePoint 2010, the ribbon is used almost exclusively for content creation and site administration. It doesn't make much sense to show the ribbon on a public-facing internet site (in fact, it can really retract from your site's design when it appears), so you'll probably want to hide the ribbon when users aren't logged in. Here's how it works:

<div id="s4-ribbonrow" class="s4-pr s4-ribbonrowhidetitle">
<SharePoint:SPSecurityTrimmedControl PermissionsString="ManagePermissions" runat="server">
<!-- Ribbon code appears here... -->
</SharePoint:SPSecurityTrimmedControl>
</div>

　　

In your master page, find the SharePoint ribbon by looking for the line of code that begins with <div id="s4-ribbonrow">. Place the SPSecurityTrimmedControl codeinside this DIV tag to conditionally hide it based on user permissions. In our example, we've hidden the ribbon from any user who doesn't have the ManagePermissionsability, which is going to be almost any user short of a site administrator.

The CSS

Even once you've removed the ribbon from the page using the code above, you'll notice that a horizontal bar, which is a placeholder for the ribbon content, will still appear on your pages. Add a bit of CSS to your master page or an attached style sheet to remove the bar:

body #s4-ribbonrow {
min-height: 0 !important;
height: auto !important;
}

　

Other Permission Levels

You can specify different permission levels for the SPSecurityTrimmedControl, allowing you to configure exactly who can see the SharePoint 2010 ribbon. Basically, this control will hide anything inside of it when users don't have the specifiedPermissionString. The available options include:

List Permissions

ManageLists

CancelCheckout

AddListItems

EditListItems

DeleteListItems

ViewListItems

ApproveItems

OpenItems

ViewVersions

DeleteVersions

CreateAlerts

ViewFormPages

Site Permissions

ManagePermissions

ViewUsageData

ManageSubwebs

ManageWeb

AddAndCustomizePages

ApplyThemeAndBorder

ApplyStyleSheets

CreateGroups

BrowseDirectories

CreateSSCSite

ViewPages

EnumeratePermissions

BrowseUserInfo

ManageAlerts

UseRemoteAPIs

UseClientIntegration

Open

EditMyUserInfo

Personal Permissions

ManagePersonalViews

AddDelPrivateWebParts

UpdatePersonalWebParts

You can use this control to hide anything in your master page or on related page layouts, so be sure to keep it in mind when you're trying to hide/show things conditionally based on user permission.

The One Catch

You may notice that the login control (or welcome control) is actually inside the ribbon by default in SharePoint 2010. You'll probably want to pull this control out of the ribbon and place it elsewhere on your page. Just look for the line of code that looks like this:

<wssuc:Welcome id="IdWelcome" runat="server" EnableViewState="false"/>

Move this code out of the ribbon and into another location within your master page. Save your changes, check in and approve all files, and anonymous users will never know your site is built on SharePoint 2010!

Update 11/5/2010: Changed the master page code and added a bit of CSS to resolve an issue where users sometimes cannot scroll on pages where the ribbon does not appear.