Creating Custom Permission Levels
SharePoint allows site administrators to
create their own unique permission levels. For example, perhaps the
content owner would like to allow contributor access to items in a
list, but prevent deletion of any list item. The standard permission
levels provide only Contributor or Read levels, but not a mix of the
two, so a custom permission level can solve this requirement.
The easiest method for creating a permission
level in SharePoint is to create the new level based on an existing
permission level—in this case use the Contribute permission level.
Permission levels reside at the site level and inherit through subsites
in the hierarchy. Choosing to add a new site permission level at the
top of the site collection enables use of the permission level across
the entire site collection.
Note Permission levels reside within sites.
- Click the gear icon and select the Site Settings menu option.
- Click the link for Site Permissions.
- Click the Permission Levels icon on the ribbon.
- Click the link for the permission level you want to copy—in this
case, the Contribute permission level. SharePoint will show you a page
of the permissions contained in the selected permission level.
- Scroll to the bottom of the page and click the Copy Permission Level button.
- Provide a name and description for the new permission level and
change the contained permissions. In this case, find the Delete Items
permission and uncheck the check box.
- Scroll to the bottom of the page and click the Create button.
SharePoint will navigate you back to the site Permission Levels page
with the new permission level shown along with the default permission
levels (Figure 2).
How do you create a new permission level without starting from an existing one?
- Follow steps 1 and 2 in the previous procedure.
- Click the Add a Permission Level button at the top of the list in the Permission Levels page.
- Provide a name and description and select the desired permissions in the permission level.
Note Some
permission items depend on others, so you may see SharePoint
automatically select permissions based on the permissions you choose to
include in the permission level.
- Click the Create button to create the new permission level.
Editing an existing permission is also an easy process, although not recommended.
Microsoft best practices stipulate that it is better to create a new
permission level based on an existing one. Users familiar with
SharePoint expect that the stock permission levels behave as installed,
and changing these permission levels may affect the stability of user
permissions in the site hierarchy. If you wish to proceed, follow these
steps:
- Follow steps 1 and 2 of the first procedure in this section.
- Click the Permission Level Name to edit. SharePoint will show the
name, description, and contained permissions in the permission level.
- Edit the permission level and then click the Submit button at the bottom of the page.
Deleting permission levels is also an easy process.
- Follow steps 1 and 2 at the beginning of this section.
- Check the check box next to the permission levels you desire to delete.
- Click the Delete Selected Permission Levels button at the top of the page.
- SharePoint will display a confirmation dialog, like that in Figure 3; click OK to proceed with the delete or Cancel to revert.
Note Deletion
of a permission level that is in use by a user or group for a
particular context (site, list, or whatever level) causes SharePoint to
lose the permissions for the deleted level. Take care in deleting
permission levels, especially the standard permission levels, which
Microsoft does not recommend.
