So what is Sharepoint:
Microsoft describes a SharePoint site collection as, “A SharePoint site collection is a hierarchical set of sites that can be managed together. Sites within a site collection have common features, such as shared permissions, galleries for templates, content types, and Web Parts, and they often share a common navigation. A site collection contains a single top-level site, and any number of subsites organized in a hierarchy. A subsite is a single SharePoint site within a site collection. A subsite can inherit permissions and navigation structure from its parent site or these can be specified and managed independently. Creation of subsites can be delegated to users of a site collection, but creation of site collections must be performed by a service administrator.” (https://technet.microsoft.com/en-us/library/cc262410.aspx)
1. There are 5 built-in permission levels within SharePoint (Full Control, Design, Contribute, Read and Limited Access). These permission levels are made up of a combination of 33 different SharePoint permissions which can be broken up into three different sub-categories. The built-in permission levels can also be modified to include or exclude any of the individual permissions. Customized permission levels can also be created for more granular controls as well. Further details can be found on Microsoft’s site (http://office.microsoft.com/en-us/windows-sharepoint-services-help/permission-levels-and-permissions-HA010100149.aspx)
2. The first permission category is List Permissions. These permissions only apply to lists and libraries and consist of the permissions below:
– Manage Lists: Create and delete lists, add or remove columns in a list, and add or remove public views of a list.
– Override List Behaviors: Discard or check in a document that is checked out to another user, and change or override settings that allow users to read/edit only their own items.
– Add Items: Add items to lists, and add documents to document libraries.
– Edit Items: Edit items in lists, edit documents in document libraries, and customize Web Part pages in document libraries.
– Delete Items: Delete items from a list, and documents from a document library.
– View Items: View items in lists, and documents in document libraries.
– Approve Items: Approve a minor version of list items or document.
– Open Items: View the source of documents with server-side file handlers.
– View Versions: View past versions of a list item or document.
– Delete Versions: Delete past versions of list items or documents.
– Create Alerts: Create alerts.
– View Application Pages: View forms, views, and application pages. Enumerate lists.
3. The second permission category is Site Permission. These permissions only apply to a specific site and consist of the permissions below:
– Manage Permissions: Create and change permission levels on the web site and assign permissions to users and groups.
– View Web Analytics Data: View reports on Web site usage.
– Create Subsites: Create subsites such as team sites, Meeting Workspace sites, and Document Workspace sites.
– Manage Web Site: Grants the ability to perform all administration tasks for the web site, as well as manage content.
– Add and Customize Pages: Add, change, or delete HTML pages or Web Part pages, and edit the website.
– Apply Themes and Borders: Apply a theme or borders to the whole website.
– Apply Style Sheets: Apply a style sheet (.css file) to the website.
– Create Groups: Create a group of users that can be used anywhere within the site collection.
– Browse Directories: Enumerate files and folders in a website by using SharePoint Designer 2013 and Web DAV interfaces.
– Use Self-Service Site Creation: Create a website using Self-Service Site Creation.
– View Pages: View pages in a website.
– Enumerate Permissions: Enumerate permissions on the website, list, folder, document, or list item.
– Browse User Information: View information about users of the website.
– Manage Alerts: Manage alerts for all users of the website.
– Use Remote Interfaces: Use SOAP, Web DAV, the Client Object Model, or SharePoint Designer 2013 interfaces to access the website.
– Use Client Integration Features: Use features that launch client applications. Without this permission, users must work on documents locally and then upload their changes.
– Open: Enables users to open a website, list, or folder to access items inside that container.
– Edit Personal User Information: Enables users to change their own user information, such as adding a picture.
4. The third permission category is Personal Permissions. These permissions only apply to things like personal views and private web parts and consist of the permissions below:
– Manage Personal Views: Create, change, and delete personal views of lists.
– Add/Remove Personal Web Parts: Add or remove personal Web Parts on a Web Part page.
– Update Personal Web Parts: Update Web Parts to display personalized information.