Manage Permissions for SharePoint 2010 Groups
Members in the Site Owners SharePoint 2010 group create the permission structure for a site. The site owner should have a pretty good understanding of who needs to access the site and what that access should be. This means that members of IT usually shouldn’t be site owners. Instead, you want members of the business departments to take responsibility for site ownership.
Permissions are contained within a site collection. Therefore, all the people, groups, and permission levels defined for a site collection are available to every site, list, and library within the collection. Permissions inheritance is in place by default, so all the content and subsites in SharePoint inherit permissions from their parents.
Web sites, lists, libraries, folders, and list items are all securable in SharePoint.
When a site collection is created, all the content structures within the site collection inherit permissions from it. For example, when you create a new site collection using the Team Site template, all the sites, lists, and libraries in the portal inherit permissions from the top-level site. The default permissions configuration for a site collection is as follows:
The Site Owners, Site Visitors, and Site Members groups are created.
The primary and secondary site collection administrators are added to the Site Owners group. These administrators are specified when the site collection is created.
Default SharePoint groups in publishing sites, such as Approvers and Hierarchy Managers, are created and given appropriate permissions.
The site collection’s site owner takes responsibility for planning the permissions. If desired, the site owner can delegate the responsibility of implementing the permissions to the Hierarchy Managers group in publishing sites. In team sites, the owner has to create a new permission level that confers the Manage Permissions permission to those individuals and groups assigned to it.
SharePoint also provides the following set of specialized administrative groups for publishing sites that enable the site’s owner to delegate responsibility:
Approvers: Enables Approve permissions, which allow users to approve items and override document check-outs.
Designers: Grants permission to change the look and feel of sites with style sheets and themes.
Hierarchy Managers: Enables Manage Hierarchy permissions, which makes it possible to manipulate the site’s hierarchy and customize lists and libraries.