Social media


            

Tuesday, November 24, 2009

Deleting list permissions vs. item permissions

We have received an issue report from one of our partners. They have encountered a situation where the Workbox 'List permissions’ activity changed an item security. After looking into this problem we have learned that this is a standard SharePoint behavior, but it needs a bit of explanation.

Workbox allows you to create a workflow that will set SharePoint list permissions. This is achieved through an activity called "List permissions". One of the activity parameters is the "Delete existing permissions" check-box. If you select it Workbox will remove all existing list permissions. This allows you to quickly clear the list permissions and set them exactly the way you want them.

There is one thing that you need to remember about if you break permission inheritance for an element. In general - if you remove a user from the list, then SharePoint will automatically remove this user's permissions from all items in this list. This is because user needs to have access to the list to have any permissions to the item. You can see this behavior if you add someone permissions to some item when they had no permissions assigned directly to the list. The user will get the "Limited access" permission to the list.

Having that in mind, when you select the "Delete existing permissions" check-box ALL permissions to the list will be deleted. This will result in deleting ALL permissions to the items with broken inheritance. So please be very careful in using this settings as it can mess your item permissions.