In this blog we will break the inheritance at the Site Level. At the moment we break inheritance, a copy of the permission levels set on the groups is made and at that exact instant nothing would be different, however everything we do from that moment on to the permissions on this site will flow down to any sites, lists, libraries below it.
Copy Existing Permissions 1
From the top level site in our site collection I click Site Actions>Site Permissions.
Copy Existing Permission 2
I click the Permission Levels icon in the Ribbon.
Copy Existing Permission 3
Out of the box the members group has the contribute permission level applied to it. In this case, that is the closest permission level so I click on Contribute to get to its detail screen.
Copy Existing Permission 4
I scroll to the bottom and click on Copy Permission Level. There are 33 possible checkboxes to set in an out of the Box SharePoint 2010 implementation.
Customize Settings
I give the new permission level the name 'contributeWithoutDelete' and uncheck the Delete Items check box. Some of the permissions have dependencies so when you uncheck one, others might automatically uncheck themselves. In this case that didn't happen but if it does that is expected behavior.
Save the new Level 1
I scroll down and click the create button.
Save the new Level 2
I am taken to the Permission Levels Page where I can verify that the new permission level 'contributeWithoutDelete' has been created and is ready for use. I now need to get to the target site.
Getting to the Target Site
From the top level site of our site collection I click the link to the Secured Site (I created the site earlier).
Break Inheritance 1
From the target site I click Site Actions> Site Permissions
Break Inheritance 2
I click Stop Inheriting Permissions. Notice the Ribbon saying that currently This Web site inherits permissions from its parent and presents a link to the permissions settings screen for the parent site.
Create a new SharePoint Group and apply the new Permission Level 1
I click the Create Group Icon in the Ribbon in order to create a new SharePoint Group.
Create a new SharePoint Group and apply the New Permission Level 2
I give the group a name and assign the newly created permission level 'contributeWithoutDelete' to it, then I click the Create button (not shown)
Add users to the Group 1
I am taken to the secureMembers group membership page. In order to add members to the group I click on the New link and choose Add Users.
Add users to the Group 2
In the Grant Permissions modal window I add an authenticated user to the group. I could have added an Active Directory Security Group and / or an Exchange Distribution list that is Security Enabled as well but in this case one user will do. I leave the checkbox to send a welcome message to the user and then click OK.
Add users to the Group 3
I verify that the user has been added to the group.
Validate the change 1
Using the menu in the upper right of the window I choose Sign in As Different User.
Validate the change 2
While signed in as the user who is in the new group with the new permission levels I click on the Document Library by clicking on the link in the Quick Launch Bar.
Validate the change 3
I select one of the documents and notice that the Delete Document icon is greyed out in the Ribbon which verifies that I cannot delete a document so I know my changes have had the desired effect.
No comments:
Post a Comment