IT tutorials
 
Applications Server
 

Sharepoint 2013 : Security and Policy - Permissions and Permission Levels (part 1)

11/13/2014 8:29:15 PM
- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

A single permission in SharePoint is a specific action that a user may take on a securable object. For example—reading the value of a SharePoint list item is a specific permission, often granted to groups of users who need to read lists and their contained items. SharePoint maintains many permissions in the platform, and the different permissions available to users depend on what an administrator (or owner of content) wishes to secure. Documents in document libraries offer a different set of permissions from those of a site in a site collection. Table 1 shows a sample subset of permissions available for lists; other permissions exist for sites and personalization.

Table 1. Subset List Permissions in SharePoint

Permission Description
Add Items Add new items to lists and add new documents to document libraries.
Edit Items Edit items in lists and edit documents in document libraries.
Delete Items Delete items from lists and documents from document libraries.
View Items View items in lists and documents in document libraries.
Open Items View the content within documents of a document library, not just the metadata of the associated list item.
View Versions View previous versions of a list or document library.
Delete Versions Delete previous versions of a list or document library.
Create Alerts Create e-mail alerts for lists whenever something changes (configured when the user creates the alert).
View Application Pages View forms, views, and application pages. The view lockdown feature turns off this permission on pages and document libraries in publishing sites so anonymous users may not view back-end list content.
Approve Items Approve a minor version of a list item in a list or document in a document library.
Override Checkout Override checkout by another user on a list item in a list or document in a document library.
Manage Lists Create and delete lists, add and remove columns in a list, and add and remove public views of the list.

With the vast number of permissions available in the SharePoint platform, managing them and assigning the correct permissions to users or groups of users is no trivial task, which is where permission levels come in. A permission level is analogous to a permission set—a set of permissions that group together and when applied to a securable object provide the user or user group with related operations on the securable object. For example, the Read permission level consists of various read permissions for most read-like operations of a securable object and the Contribute permission level provides a number of write permissions to securable objects.

Microsoft labels permission levels with role-like titles, which new users sometimes confuse with those of SharePoint security groups. If you think about it, using role names makes sense, as a set of permissions often defines the role of the user or groups of users applied. Table 2 defines the standard set of permission levels available in SharePoint.

Table 2. Standard Permission Levels

Permission Level Description
Full Control Users with this permission level have full access to all operations on the secured object, including that of administrative operations. This is not the same as the distinct set of permissions granted to site collection administrators, who have a greater set of administration capabilities.
Design Users at this permission level have contributor rights and certain permissions to effect change of a securable object, but not administrative rights. Designers typically have permission to change the content in containers (lists and sites) and configure containers, whereas contributors can only write and delete content within containers. Users with Design permission level may also approve content in lists with content approval enabled.
Contribute This is a standard permission level to grant users or groups of users add, edit, and delete rights to lists and list items. Typically, users asked to join a SharePoint site to collaborate on content have contribute rights to make edits to existing content, add new content, or delete old content.
Read Users with the Read permission level can access all content in containers in read-only mode. Readers may download documents in document libraries and view lists and list items but not change anything.
Limited Access This permission level is special in that SharePoint grants it to users or groups of users for a specific secured object that has custom permissions. For example, if the owner of a list applies specific permissions, not as part of a specific permission set, then SharePoint shows the permission set as Limited Access. Limited Access permissions typically apply only to one item at a time in the container, not to all other items.
View Only Users or groups of users with View Only permissions cannot download content. This level has similar permissions to the Read permission level but does not allow users to download documents from document libraries.
Restricted Read This permission level is similar to the Read permission level but has only four of the eleven permissions that Read contains. This permission is available only in publishing sites. It provides users with this permission level access to read content without the ability to create alerts, browse user information, or use client integration (interact with Microsoft Office).
Approve This permission level is available in publishing sites only and grants users or groups the capability to edit list items and documents as well as approve items in lists with content approval enabled.
Manage Hierarchy This permission level is available in publishing sites only and is similar to the Design permission level. It enables users or groups of users to create sites and edit list items and documents. The major difference between the Design permission level and the Manage Hierarchy level is that this permission level does not grant approval rights on list items or documents in lists that have content approval enabled.

Figure 3 shows an example list of permission levels applied to a site. To get to this page, select Site Permissions under the Users and Permissions section within Site Settings, and then click Permission Levels on the ribbon.

9781430249412_Fig07-03.jpg

Figure 3. Site Permission Levels

 
Others
 
- Sharepoint 2013 : Security and Policy - Security Administration
- Installing Exchange Server 2010 : Command-Line Setup (part 2) - Command-Line Server Recovery Options , Command-Line Delegated Server Installation , Installing Language Packs
- Installing Exchange Server 2010 : Command-Line Setup (part 1) - Command-Line Installation Options
- Installing Exchange Server 2010 : Graphical User Interface Setup
- Installing Exchange Server 2010 : Preparing for Exchange 2010 Ahead of Time (part 2) - Preparing the Active Directory Forest,Preparing Additional Domains
- Installing Exchange Server 2010 : Preparing for Exchange 2010 Ahead of Time (part 1) - Existing Exchange Organizations , Preparing the Schema
- Securing an Exchange Server 2007 Environment : Securing Outlook Web Access
- Securing an Exchange Server 2007 Environment : Protecting Against Spam (part 2) - Filtering Junk Mail
- Securing an Exchange Server 2007 Environment : Protecting Against Spam (part 2) - Filtering Junk Mail
- Securing an Exchange Server 2007 Environment : Protecting Against Spam (part 1) - Protecting Against Web Beaconing
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Technology FAQ
- Is possible to just to use a wireless router to extend wireless access to wireless access points?
- Ruby - Insert Struct to MySql
- how to find my Symantec pcAnywhere serial number
- About direct X / Open GL issue
- How to determine eclipse version?
- What SAN cert Exchange 2010 for UM, OA?
- How do I populate a SQL Express table from Excel file?
- code for express check out with Paypal.
- Problem with Templated User Control
- ShellExecute SW_HIDE
programming4us programming4us