Best Practices for Unique Permissions in a SharePoint List

You may also like...

4 Responses

  1. Sudeep says:

    Hi Zubair, how do you suggest we tackle typical scenario where the item needs to be visible to the creator and his manager, like appraisal workflows, leave workflows.

  2. Zubair Alexander says:

    Hi Sudeep,

    As a best practice item-level permissions are discouraged. In your situation you can create a new list with unique permissions. You may see talk on the Internet about creating folders to assign unique permissions but my advice is to stay away from folders. I tell my students we don’t use the “F” word in SharePoint so let’s not even talk about folders :). There are some very rare cases where you can justify the use of folders and most people will never run into those rare situations.

    Another way to deal with the situation is to create a list and change the default view to only show items that were created by or modified by [Me]. You can disable users ability to create personal views and create a custom permission level that allows users only to upload or delete items but doesn’t allow them to create, delete, update list views. Obviously, you will allow managers to be able to see all the items.

  3. Omer Zubair says:

    I agree with Zubair, Folders and SP doesn’t gel very well. But sharing my experience when folders can be very useful.

    We all know that item-level permissions are strain on server but consider this: if you go with single item level design then unique items you can have is 50,000 .

    However If you classify your items on single level folder design (not sub-folders in folders/ fine grained permissions) and break inheritance on folder level. Then you can go 50,000 unique folders and every folder can have multiple items 🙂

    List –> Folder01
    –> Item01
    –> Item02
    –> Folder02
    –> Item03
    –> Folder03
    –> Item04
    –> Item05

    Hope this helps.

  4. Bhavdip Shah says:

    If we Disable Throttling on some specific list which has large number of items and 50,000 unique permissions groups already created then does it allow to Add new security group (After disabling throttling on that list. Reference Code SPList.EnableThrottling=False;), please confirm.

Leave a Reply

Your email address will not be published. Required fields are marked *

two × one =