SharePoint 2010 : Checking effective permission user interface

Once SharePoint 2010 is rolled out into an environment, it takes on a life of its own. Team sites, project sites, and other collaboration sites are created to fit the pressing business needs.

Along with each of these sites, security may be manipulated by breaking inheritance. This type of granularity breeds complexity. Sites are provisioned but not decommissioned due to the sheer number of sites. It is a common request from users to know what sites they have access to and what permissions they have on those sites. There is functionality within sites that provides such information.

The following recipe shows how to use this functionality.

Getting ready

You must be a site owner or site collection administrator.

How to do it...

How it works...

SharePoint 2010 uses the people picker control to verify the user or group. When this is submitted, SharePoint looks through the site to determine the permission levels that this account has been assigned. Note that you will see only those permissions that the account has on the current site. Permissions that the account has to any other subsites are not shown.

The Limited Access permission is to be used with sites that have granular permissions. For instance, if a user is given access to only a library on a site, the user still needs access to the parent website and be able to use shared information such as the navigation. Limited Access provides this and cannot be customized or deleted.

There's more...

Under the ribbon, after step 2 of this recipe, we may see the following message being displayed:

By clicking on the Show me uniquely secured content link, you will be shown a pop-up window, listing any objects that have unique permissions. Comments are also listed.

This is a useful feature for managing lists that have unique permissions.