When SharePoint is installed, by default it will create a set of Permissions, which can be viewed by “Central Administration” => “Application Management” => “Manage WebApplications” => Highlight the WebApplication => Click on “User Permission”.
To secure the contents at various levels within SharePoint sites, it is these permissions that has to be enabled by the administrators. Each permission has a level of it’s own which can be; List, Site or Personal.
These Permissions are grouped/combined to create the Permission Levels.
List level Permissions…
Permission | Description | Type | Permission Level |
Manage Lists | Create and delete lists, add | List | Full Control, Design, Manage |
Override | Discard or check in a document | List | Full Control, Design, Approve, |
Add Items | Add items to lists, and add | List | Full Control, Design, Contribute, |
Edit Items | Edit items in lists, edit documents | List | Full Control, Design, Contribute, |
Delete Items | Delete items from a list, and | List | Full Control, Design, Contribute, |
View Items | View items in lists, and documents | List | Full Control, Design, Contribute, |
Approve Items | Approve a minor version of a | List | Full Control, Design, Approve |
Open Items | View the source of documents | List | Full Control, Design, Contribute, |
View Versions | View past versions of a list | List | Full Control, Design, Contribute, |
Delete | Delete past versions of a list | List | Full Control, Design, Contribute, |
Create Alerts | Create alerts | List | Full Control, Design, Contribute, |
View | View forms, views, and application | List | Full Control, Design, Contribute, |
Site level Permissions…
Permission | Description | Type | Permission Level |
Manage | Create and change permission | Site | Full Control, Manage Hierarchy |
View Web | View reports on website | Site | Full Control, Manage Hierarchy |
Create | Create subsites such | Site | Full Control, Manage Hierarchy |
Manage | Grant the ability to perform | Site | Full Control, Manage Hierarchy |
Add and | Add, change, or delete | Site | Full Control, Design, Manage |
Apply Themes | Apply a theme or borders to | Site | Full Control, Design |
Apply Style | Apply a style sheet (.CSS file) | Site | Full Control, Design |
Create Groups | Create a group of users that | Site | Full Control |
Browse | Enumerate files and folders | Site | Full Control, Design, Contribute, |
Use Self- | Create a website using Self- | Site | Read, Contribute, Design, |
View Pages | View pages in a website. | Site | Full Control, Design, Contribute, |
Enumerate | Enumerate permissions on | Site | Full Control, Manage Hierarchy |
Browse User | View information about users | Site | Full Control, Design, Contribute, |
Manage Alerts | Manage alerts for all users of | Site | Full Control, Manage Hierarchy |
Use Remote | Use SOAP, Web DAV, the | Site | Full Control, Design, Contribute, |
Use Client | Use features that launch client | Site | Full Control, Design, Contribute, |
Open | Allow users to open a website, | Site | Full Control, Design, Contribute, |
Edit Personal | Allow a user to change his | Site | Full Control, Design, Contribute, |
Personal level Permissions…
Permission | Description | Type | Permission Level |
Manage | Manage | Personal | Full Control, Design, Contribute, |
Add/Remove | Add or remove personal Web | Personal | Full Control, Design, Contribute, |
Update | Update Web Parts to display | Personal | Full Control, Design, Contribute, |
A blog post on Permission levels soon to be released.