View Permission Assignments in SharePoint 2010 - dummies

View Permission Assignments in SharePoint 2010

A SharePoint 2010 team site can have all the elements of an authorization model — people, groups, and permissions, in other words — but still not be secure. The deciding factor in securing SharePoint’s content lies with the permission assignments made on securable objects such as sites, lists, and libraries. A permission assignment consists of permissions, principals (users and groups), and securable objects.

Permissions are the smallest unit for managing security in SharePoint. Permissions confer rights, such as View Pages rights or Add Items rights, that a user may have. In SharePoint, you deal with following three permission types:

  • List: Permissions related to accessing lists and list items.

  • Site: Permissions related to accessing sites, pages, and permissions.

  • Personal: Permissions related to creating personal views of web pages.

When managed properly, you never have to work with permissions on a case-by-case basis because permissions are never assigned directly to principals. Rather, they’re assigned to permission levels, which are assigned to default SharePoint groups. You can also assign permission levels directly to user accounts or custom SharePoint groups you create.

Follow these steps to view a list of permission levels for a site:

  1. Choose Site Actions→Site Permissions to access the site’s People and Groups page.

    A list of groups and their corresponding permission levels appear.

    If you’ve assigned permission levels to user accounts or domain group accounts outside SharePoint groups, you see them listed here.

    Each site inherits its site permission assignments from its parent site or has its own unique permission assignments.


  2. Click the Permission Levels button on the Ribbon.

    The Permission Levels page appears. You can use this page to create new permission levels or modify existing ones.

  3. Click a permission level, such as Contribute, to view or modify the permissions in the permission level.

    Note: The permissions you see might not be the entire set of permissions available in SharePoint. The server administrator can limit the list of permissions available to a web application using Web Policies.


Keep in mind that the Permissions Levels page doesn’t really show individual permissions. Instead, the page shows permission levels.

The following table lists the permission levels, the rights they grant, and the SharePoint group they’re assigned to by default.

Permission Levels
Permission Level Rights Granted SharePoint Group Assigned to by Default
Full Control Wield administrative access Site Owners
Design Change the site’s look and feel Designers
Manage Hierarchy Manage the site’s structure and permissions Hierarchy Managers
Approve Approve content Approvers
Contribute Add and modify content Site Members
Read View all content, including history Site Visitors
Restricted Read View and open Restricted Readers
Limited Access Open (same as guest access) Quick Deploy Users
View Only View items and pages Viewers