Tuesday, March 13, 2007

Creating Customized SharePoint Permissions

Problem

SharePoint is widely used for storing and maintaining content. Different groups of users access SharePoint, but what if an organization wants to provide granular customized access rights like read, write or delete for different users? SharePoint does provide some permission levels like Full Control, Design, Contribute, Read, Limited Access and others. The problem with these permission levels is that they are predefined. Sometimes these predefined permission sets do not satisfy the business needs. For instance, if you want to provide a set of users read and add permissions, without being able to delete items. This wouldn't be possible with the predefined SharePoint levels as it provides you add, edit and delete access all together.

Solution

SharePoint facilitates the ability for administrators to create user defined permission levels (i.e. one can create custom permission levels with the desired permissions). Here we will create a custom permission level which will allow users only to view and add list items. The user will not be able to perform other operations on list items like edit and delete.

Creating a custom permission level

First, we will create a custom permission level. To create a custom permission level, go to Site Actions->Site Settings. Under the "Users and Permissions" category, click on "Advanced permissions".



Now click on Settings->Permission Levels



Click on "Add a Permission Level"



Provide a unique name and description to the Permission Level. Permission Levels are divided into three levels
  • List
  • Site
  • Personal
Each set contains different kind of permission selections like add, edit, delete, open, etc.... In our case we need to update List and Site permissions in order to allow users to access sites and perform operations on a list. So in the "Permissions" category, under the "List Permissions" section, select the below three permissions:
  • Add Items - Add items to lists, add documents to document libraries, and add Web discussion comments.
  • View Items - View items in lists, documents in document libraries, and view Web discussion comments.
  • View Application Pages - View forms, views, and application pages. Enumerate lists.


Under the "Site Permissions" section, select the permissions below:
  • View Pages - View pages in a Web site.
  • Open - Allows users to open a Web site, list, or folder in order to access items inside that container.


Click on "Create" and now you can see the custom permission level listed in site permission levels.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

A sales engineer is someone who promise you a bridge, even when there's no river.