Tuesday, December 28, 2010

SharePoint User Permissions

When SharePoint is installed, by default it will create a set of Permissions, which can be viewed by “Central Administration” => “Application Management” => “Manage WebApplications” => Highlight the WebApplication => Click on “User Permission”.

image

To secure the contents at various levels within SharePoint sites, it is these permissions that has to be enabled by the administrators. Each permission has a level of it’s own which can be; List, Site or Personal.

These Permissions are grouped/combined to create the Permission Levels. 

List level Permissions…

Permission Description Type Permission Level

Manage Lists

Create and delete lists, add
or remove columns in a list,
and add or remove public
views of a list.

List

Full Control, Design, Manage
Hierarchy

Override
Check Out

Discard or check in a document
that is checked out to
another user.

List

Full Control, Design, Approve,
Manage Hierarchy

Add Items

Add items to lists, and add
documents to document
libraries.

List

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Edit Items

Edit items in lists, edit documents
in document libraries,
and customize Web Part
pages in document libraries.

List

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Delete Items

Delete items from a list, and
documents from a document
library.

List

Full Control, Design, Contribute,
Approve, Manage Hierarchy

View Items

View items in lists, and documents
in document libraries.

List

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy, Restricted Read

Approve Items

Approve a minor version of a
list item or document.

List Full Control, Design, Approve
Open Items

View the source of documents
with server-side file
handlers.

List

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy, Restricted Read

View Versions

View past versions of a list
item or document

List

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy

Delete
Versions

Delete past versions of a list
item or document.

List

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Create Alerts Create alerts List

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy

View
Application
Pages

View forms, views, and application
pages; enumerate lists.

List

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy

Site level Permissions…

Permission Description Type Permission Level

Manage
Permissions

Create and change permission
levels on the website
and assign permissions to
users and groups.

Site Full Control, Manage Hierarchy

View Web
Analytics Data

View reports on website
usage.

Site Full Control, Manage Hierarchy

Create
Subsites

Create subsites such
as Team sites, Meeting
Workspace sites, and
Document Workspace sites.

Site Full Control, Manage Hierarchy

Manage
Web Site

Grant the ability to perform
all administrative tasks for
the website, as well as manage
content.

Site Full Control, Manage Hierarchy

Add and
Customize
Pages

Add, change, or delete
HTML pages or Web Part
pages, and edit the website
using a Microsoft SharePoint
Foundation compatible editor.

Site

Full Control, Design, Manage
Hierarchy

Apply Themes
and Borders

Apply a theme or borders to
the entire website

Site Full Control, Design

Apply Style
Sheets

Apply a style sheet (.CSS file)
to the website.

Site Full Control, Design
Create Groups

Create a group of users that
can be used anywhere within
the site collection.

Site Full Control

Browse
Directories

Enumerate files and folders
in a website using SharePoint
Designer and WebDAV
interfaces.

Site

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Use Self-
Service Site
Creation

Create a website using Self-
Service Site Creation

Site

Read, Contribute, Design,
Full Control

View Pages View pages in a website. Site

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy, Restricted Read

Enumerate
Permissions

Enumerate permissions on
the website, list, folder, document,
or list item.

Site Full Control, Manage Hierarchy

Browse User
Information

View information about users
of the website.

Site

Full Control, Design, Contribute,
Read, Limited Access, Approve,
Manage Hierarchy

Manage Alerts

Manage alerts for all users of
the website.

Site Full Control, Manage Hierarchy

Use Remote
Interfaces

Use SOAP, Web DAV, the
Client Object Model, or
SharePoint Designer interfaces
to access the website.

Site

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarch

Use Client
Integration
Features

Use features that launch client
applications. Without this
permission, users must work
on documents locally and
upload their changes.

Site

Full Control, Design, Contribute,
Read, Limited Access, Approve,
Manage Hierarchy

Open

Allow users to open a website,
list, or folder in order
to access items inside that
container.

Site

Full Control, Design, Contribute,
Read, Limited Access, Approve,
Manage Hierarchy, Restricted
Read

Edit Personal
User
Information

Allow a user to change his
own user information, such
as adding a picture.

Site

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Personal level Permissions…

Permission Description Type Permission Level

Manage
Personal
Views

Manage
Personal
Views

Personal

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Add/Remove
Personal
Views

Add or remove personal Web
Parts on a Web Part page.

Personal

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Update
Personal Web
Parts

Update Web Parts to display
personalized information

Personal

Full Control, Design, Contribute,
Approve, Manage Hierarchy

A blog post on Permission levels soon to be released. Winking smile

1 comment:

SharePoint Engine said...

Excellent post I must say.. Simple but yet entertaining and engaging.. Keep up the awesome work!
SharePoint Consulting has the ability to take any example, workflows, portals, websites and much more.