In the realm of online collaboration, the primary goals are Safety and Security. Otherwise, you may lose control over your online assets.
While collaborating with multiple users in SharePoint, permission levels are necessary to protect confidential data from unauthorized access.
This article will cover all the ins and outs of permissions levels in SharePoint.
So, let’s get started!
Permission level in SharePoint is a group of permissions assigned to a particular or group of users to allow specific types of actions. Each permission level offers a set of special permissions (such as Delete Items, Create Alerts, and so on) to handle the site access more accurately.
In SharePoint, the permission level has two different meanings. One of them is the permission level for a file, folder, or site in SharePoint. In other words, permission for each piece of data.
Contrarily, the other meaning of the permission level is the permission for a particular SharePoint user or group of users. The owners and administrators can directly control both types of permission levels.
For instance, the owner can select permissions for a Word document. If the users have the required permission, they can edit or customize the file. Otherwise, they cannot access the file.
Similarly, when the permission level is set to a group of people or a particular SharePoint user, only the chosen group or particular user can access the file; other groups and users won’t be able to access the file.
There are three basic permission groups in SharePoint, and each of them is assigned to a default permission level. The default groups are Owners (have complete control), Visitors (can only read), and Members (can edit, delete, or contribute), has their default permission levels.
These permission groups are created depending on the data access level of users. The data access level of the users is necessary to secure the SharePoint sites.
Let’s have a look at different types of permission groups:
Owners
It is the highest position among the three permission groups. Owners have complete control over the SharePoint sites and can do anything they need.
While creating a site, the creator must add at least one owner to the site setup page. The owner can do everything, like the Members and Visitors. Furthermore, the owner can also look after the site security, add web parts, and manage controls.
Members
Members are the contributors of SharePoint sites who can read and download the files. And more importantly, members can add, modify, or delete the content of any document. Moreover, members can share the document with others.
Visitors
Visitors have the lowest permission level and can only view and download the files. They are called read-only users.
Note: While creating a new SharePoint site, the creator must select at least one owner. Otherwise, the process won’t be successful.
The default permission levels for team sites in SharePoint are View Only, Limited Access, Contribute, Reward, Edit, Design, and Full Control. Besides, Restricted Read, Approve, and Manage Hierarchy are the default permissions levels for publishing templates.
For explicit instructions on each default permission level for team sites and site templates, have a look at the following discussions.
Here is the list of the default permissions levels for team sites:
- View Only: In view-only mode, users can only view the web pages, lists, and list items. But they cannot download any files.
- Limited Access: Users can access shared resources and assets with limited access permission levels. This mode helps to allow access to a specific list, document library, folder, list item, or document without compromising the entire site access.
- Read: With this permission, users can view pages and list items. Besides, they can also download the documents.
- Contribute: Contributors can quickly view, add, modify, and delete content. They can also edit items and user information, delete versions, and add or remove personal Web Parts.
- Edit: With the Edit permission levels, users can efficiently manage lists.
- Design: Have almost the same permission as contributors. Additionally, they can create document libraries, columns, and views.
- Full Control: With full control, users can perform almost any action on the sites. For instance, they can add or remove members and even change their access.
If you choose a site template instead of the team site template, you will find a different list of default permission levels. Consider the following discussion to find out additional permission levels.
Check the following list of the default permissions levels for publishing template:
- Restricted Read: Users can view pages and documents and only have access to publishing sites. Historical versions are unavailable in this mode.
- Approve: Users can approve and edit pages, documents, and list items.
- Manage Hierarchy: Users can edit pages, documents, and list items. With this permission, users can also create sites.
After understanding the default SharePoint permissions, you should look at different types of SharePoint permissions. Move on to the next section to understand the three categories of permissions.
There are three types of permissions in SharePoint: List permissions, Site permissions, and Personal permissions. Each permission has its own rules and applies to different items. Consider the following discussion for a better understanding of various types of permissions.
Check the subsequent conversation for different types of permissions in SharePoint:
List Permissions
List permissions are only applied to lists and document libraries. It covers various types of permissions including managing lists, adding, editing, deleting, viewing, approving, opening items, creating alerts, viewing and deleting versions, and overriding list behaviors.
Site Permissions
Site permissions are a set of permission that applies to a specific site. For instance, it includes managing permissions, creating and managing websites, viewing web analytics data, applying themes, and adding and customizing web pages.
Furthermore, the site permission also handles viewing pages, browsing directories, creating groups, browsing user information, using remote interfaces, and so on.
Personal Permissions
Personal or individual permissions, like personal views and private web parts, apply to a particular object. It controls the permissions of managing personal views, updating personal web parts, adding personal web parts, and removing personal web parts.
With a clear concept of different permission types, managing SharePoint permissions is effortless.
If you have the owner’s permission, you can quickly change the SharePoint group permissions by opening the SharePoint team site. Simply click Settings, choose Site Permissions, and tweak the permissions according to your need.
To create a custom permission level in SharePoint, use the Advanced permissions settings in the Site permissions option. Then copy an existing permission level and customize it. After creating the new permission levels, you can assign them to the users and control their activity.
For example, when you need to allow users to add/edit a document but restrict them from deleting it, you must create a custom permission level.
Because the Read Only option only allows users to read and download the documents. Contrarily, the Edit option allows users to add/edit and delete documents. But you must create a new level to allow users to add/edit and restrict from deleting the document.
You must have the owner’s permission to create a new permission level. Consider the following procedure to create a custom permission level in SharePoint.
Here are the steps to create new Permission levels:
- Open your browser and sign in to SharePoint.
- Navigate to Settings (Gear Icon) > Site permissions.
- Expand the SharePoint security groups. Locate the Site members – limited control with Edit permission levels. With these permissions, users can add, edit, and delete documents. However, we will create a new permission level where the users can add, edit but not delete the documents.
- Select Advanced permissions settings.
- Switch to the PERMISSIONS tab and click Permission Levels.
- Locate all Permission Levels and click Edit. We will create a custom level using the Edit Permission Level by copying its settings.
- Scroll down and click on Copy Permission Level.
- Type a Name and Description for your permission level.
- Uncheck the Delete Items and Delete Versions checkboxes.
- Scroll down and click Create.
The above procedure will create a new permission level where the users can add, edit, but not delete the documents. Now you can assign the new permission level for users by following the subsequent instructions.
Here’s how to assign the custom permission level for users:
For Non-Microsoft 365 Group sites
- Go to Settings (Gear Icon) > Site permissions.
- Select Advanced permission settings.
- Tick the Members Group checkbox and click Edit User Permissions.
- Uncheck the Edit permission level and check your custom permission level.
- Click OK.
For Microsoft 365 Group sites
- Open the modern Site Permissions screen.
- Change the Members Group permission to Read from Edit.
- Scroll down and click Advanced permissions settings.
- Select Grant Permissions under the PERMISSIONS tab.
- Enter a name for the Security group.
- Choose your custom permission level from the Select a permission level drop-down menu.
Though the users have only Read permission, assigning the new permission level for the users ensures they can now add and edit the documents. However, they won’t be able to delete the documents.
Frequently Asked Questions
Where can you find permission levels in SharePoint?
Go to SharePoint and then navigate to Settings > Site permissions. Scroll down and select Advanced permissions settings. Under the PERMISSIONS tab, click Permission Levels to view the permission levels.
What is the highest permission level in SharePoint?
Owner is the highest permission level in SharePoint, and the owners have complete access to the SharePoint site. The owners have all types of access, combining the Visitors and Members. Besides, they can control site security, add web parts, and manage navigation controls.
How do SharePoint permissions work?
SharePoint has a unique permission-based security model to control the access of site contents. The Owner can add users to a group and permission levels for the site and its contents.
Final Thoughts
While discussing SharePoint permission levels, you will see three basic permission groups: Owners, Members, and Visitors. Moreover, SharePoint offers several default permission levels to manage the site and content permission more effectively.
You can effortlessly create a custom permission level if you don’t find any existing one for your requirements and assign a group of users to the custom permission level.
For further queries, leave your comment below.