SharePoint out-of-box Permissions, and how the
r e r b t o m i s e i V M
User Groups
Permission Levels
y l n O w e i V
s s e c c A d e t i m i L
X
d a e R d e t c i r t s e R
X
w O t l u a e f D (
y h c r a r e i H e g a n a M
n g i s e D
l o r t n o C l l u F
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
e t u b i e r v d t o a n r e o p p R C A
X
X X X
X X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
map to User Groups
Permissions List Permissions Manage Lists Override Check Out Add Items Edit Items Delete Items View Items Approve Items Open Items View Versions Delete Versions Create Alerts View Application Pages
Site Permissions Manage Permissions Permissions View Usage Data Create Subsites Manage Web Site Add and Customize Pages Apply Themes and Borders Apply Style Sheets
Create Groups Browse Directories Use Self-Service Site Creation View Pages Enumerate Permissions Browse User Information Manage Alerts Use Remote Interfaces Use Client Integration Features Open Edit Personal User Information
Personal Permissions Manage Personal Views Add/Remove Personal Web Parts Update Personal Web Parts
Notes. SharePoint provides three User Groups by default: Visitor, Member and Owner. These correspond to three of nine "Permission Levels" that are provided provided for different user security. Each Permission Level is a pre-configured list of specific permissions for doing things on the portal.
Options for customizing: 1. A custom User Group can be defined that maps to a different permission level, or even a combination of permission levels. 2. Users or domain groups can be added under a default Permission Level instead of a User Group 3. A custom Permission Level can be defined if none of the pre-configured lists is suitable. 4. Combinations of the above, such as creating a custom Permission Level, then creating a custom User Group that corresponds to it.
Description
Create and delete lists, add or remove columns in a list, and add or remove public views of a list. Discard or check in a document which is checked out to another user. Add items to lists, add documents to document libraries, and ad d Web discussion comments. Edit items in lists, edit documents in document libraries, edit Web discussion comments in documents, and customize Web Part Pages in document libraries. Delete items from a list, documents from a document library, and We b discussion comments in documents. View items in lists, documents in document libraries, and view Web discussion comments. Approve a minor version of a list item or document. View the source of documents with server-side file handle rs. View past versions of a list item or document. Delete past versions of a list item or document. Create e-mail alerts. View forms, views, and application pages. Enumerate lists.
Create and change permission levels on the Web site and assign permissions to users and groups. View reports on Web site usage. Create subsites such as team sites, Meeting Workspace sites, and Document Workspace sites. Grants the ability to perform all administration tasks for the Web site as well as manage content. Add, change, or delete HTML pages o r Web Part Pages, and edit the Web site using a Windows SharePoint Services-compatible editor. Apply a theme or borders to the entire Web site. Apply a style sheet (.CSS file) to the Web site.
Create a group of users that can be used anywhere within the site collection. Enumerate files and folders in a Web site using SharePoint Designer and Web DAV interfaces. Create a Web site using Self-Service Site Creation. View pages in a Web site. Enumerate permissions on the Web site, list, folder, document, or list item. View information about users of the Web site. Manage alerts for all users of the Web site. Use SOAP, Web DAV, or SharePoint Designer interfaces to access the Web site. Use features which launch client applications. Without this permission, users will have to work on documents locally and upload their changes. Allows users to open a Web site, list, or folder in order to access items inside that container. Allows a user to change his or her own user information, such as adding a picture.
Create, change, and delete personal views of lists. Add or remove personal Web Parts on a Web Part Page. Update Web Parts to display personalized information.
More Notes. User Group definitions are common and available across all sites in a single site collection.
Subsites will, by default, use the same User Groups as the site definition. Custom User Groups can be defined per subsite. These may inherit from the site collection User Groups, or be completely customized. Edit Items is the permission that allows a user to see unpublished versions of documents and pages.
Rollover red Rollover red triangles triangles for individual notes... some permissions depend on others.
SharePoint out-of-box Permissions mapped to Site Settings This spreadsheet shows out-ofshows what permission is nece administrators; administrators; this is not a pe
Key Groups: Site collection Administrators
Permissions:
Site Actions
Edit Items
Edit Page
Add Items
Create Page
Create Subsites
Create Site
Browse Directories
Show Page Editing Toolbar View All Site Content View Reports Site Settings Manage Content and Structure
Permissions:
Site Settings
Manage Lists
Users and Permissions
View Usage Data
People and Groups
Create Subsites
Site collection administrators
Add and Customize Pages
Advanced permissions
Manage Web Site Apply Themes and Borders Browse User Information Enumerate Permissions
Additional trimming of function For example: clearing Manage links, but when browsing to Ad links on that page are trimmed
box security trimming of Site Actions and Site Settings. All possibl ssary for that link to appear, appear, according to the key key at left. Links wi mission but a group.
Map of permissions to the Site Actions menu
This menu item will be visible if any of the Site Settings are permi
Map of permissions to the Site Settings page
Look and Feel
Galleries
Master page
Site content types
Title, description, and icon
Site columns
Navigation
Site templates
Page layouts layouts and and site template templates s Lis Listt templates templates Welcome page Tree view Site theme
Web Parts Workflows Master pages and page layouts
Reset to site definition Searchable columns
ality is not shown here. ermissions ermissions has no effect on these anced permissions, some functions & out.
le out-of-box links are shown below. below. The color behind the link h a red background only appear for users who are site
tted for this user… see next map
Site Administration
Site Collection Administration
Regional settings
Search settings
Site libraries and lists
Search scopes
Site usage reports
Search keywords
User alerts
Recycle bin
RSS
Site directory settings
Search visibility
Site collection usage reports
Sites and workspaces
Storage space allocation
Site features
Site collection features
Delete this site
Site hierarchy
Related Related Links Links scope scope settings settings Portal Portal site site connec connection tion Site output cache
Site collection audit settings
Content and structure
Audit log reports
Cont Conten entt and and stru struct ctur ure e logs logs
Site Site col colle lect ctio ion n poli polici cies es Site collection object cache Site collection cache profiles Site collection output cache Variations Variation labels Translatable columns
Variation logs
