SharePoint2013 IT Professional - Permission Level

很多时候，大家在使用SharePoint时对权限元素的定义了解的比较模糊，比如Permission和Permission Level，分别指什么？在SharePoint中控制范围是什么？能实现什么样的用途？

 

因为之前有对Permission做过介绍，现在我们就来详细看下Permission Level。

 

Permission Level是允许用户执行一组Permission的集合，定义在SiteCollection Level。系统管理者可以根据实际需要新建多个Permission Level包含不同的Permission。默认情况下sitecollection有Full Control、design、Edit、Contribute、Read、Limited Access和View Only权限。

比如下面图中，"Read"这个Permission level就包括View Item、OpenItem、View page等Permission。

微软网站对默认几个PermissionLevel的介绍：

Permission level	Description	Permissions included by default
View Only	Enables users to view application pages. The View Only permission level is used for the Excel Services Viewers group.	View Application Pages View Items View Versions Create Alerts Use Self Service Site Creation View Pages Browse User Information Use Remote Interfaces Use Client Integration Features Open
Limited Access	Enables users to access shared resources and a specific asset. Limited Access is designed to be combined with fine-grained permissions to enable users to access a specific list, document library, folder, list item, or document, without enabling them to access the whole site. Limited Access cannot be edited or deleted.	View Application Pages Browse User Information Use Remote Interfaces Use Client Integration Features Open
Read	Enables users to view pages and list items, and to download documents.	Limited Access permissions, plus: View Items Open Items View Versions Create Alerts Use Self-Service Site Creation View Pages
Contribute	Enables users to manage personal views, edit items and user information, delete versions in existing lists and document libraries, and add, remove, and update personal Web Parts.	Read permissions, plus: Add Items Edit Items Delete Items Delete Versions Browse Directories Edit Personal User Information Manage Personal Views Add/Remove Personal Web Parts Update Personal Web Parts
Edit	Enables users to manage lists.	Contribute permissions, plus: Manage Lists
Design	Enables users to view, add, update, delete, approve, and customize items or pages in the website.	Edit permissions, plus: Add and Customize Pages Apply Themes and Borders Apply Style Sheets Override List Behaviors Approve Items
Full Control	Enables users to have full control of the website.	All permissions

 

 

定义好PermissionLevel后，我们可以对SharePoint User或者Group赋予Permission Level，这样User或Group就有了PermissionLevel包含的所有权限。

 

通过实例看下Permissionlevel的创建和使用：

1. 新建site collection，到site settings->Site Permissions，Robbin上点击Permission Levels；

1. 点击"Add a Permission Level"新建Permission level，不能Edit和Delete item；

1. 点击Grant Permissions，填写用户赋予新建的Permission Level；

1. 用Kevin这个用户登录，选择一个document，点击view Properties，Edit和Delete button都是灰掉不可选的，和设置的Permission Level一致，正确。

 

以上就是对SharePoint Permission Level的介绍，感谢阅读！