ATOI365D

 #Office365Challenge Today’s post is special, not because it’s the 210th one in a row, or because it’s about permissions. It’s the first blog post I’ve written away from home, which is South Africa, and that’s kinda special to me.

Day: 210 of 365, 155 left
Tools: SharePoint
Description: Default permission levels in SharePoint

Yup, it’s 26 September 2016, I’m in Atlanta, attending Ignite. It’s 11pm and I’m exhausted after a first day of conference. I cannot begin to explain the magnitude of the conference, but what I can do is express my gratitude towards GTconsult for making it all possible.


My next couple of posts will be all about the permissions in SharePoint, today we’ll cover the default permission levels.

Permission levels are common levels of permissions which can be assigned to single users as well as groups of users. These levels consist of various permissions or attributes ‘grouped’ to make up a level.

Below you will see the different levels. These can be modified (except Full Control and Limited Access). I do suggest making a copy of a level and then applying changes. For example:  ‘Contribute cannot delete’ will be a copy of the Contribute level, with the delete actions removed. I will show you how to do this in a separate post.

Permission Level Description
Full Control Contains all available SharePoint permissions. By default, this permission level is assigned to the Owners group. It can’t be customized or deleted.
Design Create lists and document libraries, edit pages and apply themes, borders, and style sheets on the site. There is no SharePoint group that is assigned this permission level automatically.
Edit Add, edit, and delete lists; view, add, update, and delete list items and documents. By default, this permission level is assigned to the Members group.
Contribute View, add, update, and delete list items and documents.
Read View pages and items in existing lists and document libraries and download documents.
Limited Access Enables a user or group to browse to a site page or library to access a specific content item when they do not have permissions to open or edit any other items in the site or library. This level is automatically assigned by SharePoint when you provide access to one specific item. You cannot assign Limited Access permissions directly to a user or group yourself. Instead, when you assign edit or open permissions to the single item, SharePoint automatically assigns Limited Access to other required locations, such as the site or library in which the single item is located.
Approve Edit and approve pages, list items, and documents. By default, the Approvers group has this permission.
Manage Hierarchy Create sites and edit pages, list items, and documents. By default, this permission level is assigned to the Hierarchy Managers group.
Restricted Read View pages and documents, but not historical versions or user permissions.
View Only View pages, items, and documents. Any document that has a server-side file handler can be viewed in the browser but not downloaded. File types that do not have a server-side file handler (cannot be opened in the browser), such as video files, .pdf files, and .png files, can still be downloaded.

Note:  Be very careful when assigning Edit / Contribute rights. Users with Edit rights can delete apps as well, whereas users with Contribution rights can only delete content.

Tomorrow we’ll start looking at planning your permissions better and all the considerations.

Overview of my challenge: As an absolute lover of all things Microsoft, I’ve decided to undertake the challenge, of writing a blog every single day, for the next 365 days. Crazy, I know. And I’ll try my best, but if I cannot find something good to say about Office 365 and the Tools it includes for 365 days, I’m changing my profession. So let’s write this epic tale of “Around the Office in 365 Days”. My ode to Microsoft Office 365.

Keep in mind that these tips and tricks do not only apply to Office 365 – but where applicable, to the overall Microsoft Office Suite and SharePoint.