SharePoint gives you multiple ways to manage access to your site and site content. Permission levels administered via groups control which users can access your site, web parts, and content, as well as, what users can do with content or customizations on the site. SharePoint includes four preloaded permission levels with the following rights:
Full Control: Users or groups can edit any content or site data. This level is best left for the SharePoint admin and a small handful of accountable site members.
Design: Users or groups can only view, add, update, delete, approve, or customize site content.
Contribute: Users or groups can only view, add, update, and delete site content.
- Read: Users or groups can only view content.
These levels typically cover the span of permissions needed by most businesses. However, you can create a custom permission level (for example, a group that can view, add, update, and approve) or delete one of the preloaded permission levels.
Using Permission Levels
User Permissions: These permissions follow users all the way through the site. That means that any element the user accesses, they will be able to execute at the permission level assigned. You can opt to give new users membership to a group that includes the desired permission level or you can give the individual user the permission level desired. Using groups to control permissions makes large-scale permission changes easier. When adding users, assign the minimal permission level needed to perform tasks on the site to avoid overwhelming them with menus that aren’t applicable or overexposing protected information.
Group Permissions: During the process of creating a group, you’ll select permission levels that determine what group members can do with site elements. Each member of the group shares the same set of rights unless an individual member is assigned a permission level above the group (an user with Full Control who is a member of group with Read control would retain their Full Control status). Before you edit individual user permissions, consider creating a group for the permission level instead. This will allow you to use it for other members in the future. SharePoint comes with three groups installed: Members, Owners, Visitors. You can use these groups and edit their permission levels as needed or create your own groups with desired permission levels.
Content Item Permissions: Items like document libraries, blogs, wikis, lists, documents, list items, etc. automatically inherit permissions from the parent folder or library. After you’ve uploaded content or created a new site element, you can set permissions to the selected item. Access to content items are also managed via groups. You have the option of creating a group to manage access to an item or adding external users to access an item. View step-by-step instructions on how to add an external user on our Support Site.
To view instructions on assigning permissions, creating new users or groups, and other SharePoint tasks, visit the Working with SharePoint section of our Support Site. If you need more detailed information on how to create custom permission levels and groups, check back next week for a post covering the specifics of customization.