One noticeable change related to permissions in SharePoint 2013 is how “power users” gain access to the controls for setting permissions on SharePoint content. If given sufficient rights, in previous versions of SharePoint a user could access the “Manage Permissions” window for a particular SharePoint item by activating the menu on an item and selecting “Manage Permissions”. Within the Manage Permissions window, the “power user” could allow access to other users, remove user access, and either break inheritance or re-inherit permissions from their parent. In SharePoint 2013, the Manage Permission window is still available, however, it’s much more difficult to find. As well, new user interface elements have been added to allow users to more easily specify the permissions for an item or a document.
The first noticeable interface change occurs when a user clicks the ellipsis (…) beside an item. A new dialog—or “Share Window”—is presented to the user, containing a “SHARE” button and a “Shared with lots of people.”
Figure 3. Accessing SharePoint sharing capabilities.
Clicking the “SHARE” button displays a window from which other users can be granted access to the item or document:
Figure 4. Users can invite people to access a document they want to share.
Users may share the document with others by specifying user names, email addresses or ‘Everyone’ in this window. Users can even select if the invited people can edit the document or if they can simply view the document. The “Can edit” and “Can view” options in the dropdown list relate to specific permission levels. Adding users to this window and clicking “Share” will automatically break permission inheritance on the document (if it is not already broken) and create unique permissions on the document, thereby creating a unique security scope if necessary. This is an important point because it makes it much easier for end users to break inheritance and create additional security scopes in SharePoint. While 50,000 security scopes is a high number, for high user access sites this could become an issue.
In Figure 3 above, you will notice that the “Share Window” generated by the ellipsis (…) also contains another ellipsis. Selecting this second ellipsis (…) in the “Share Window” brings up a secondary menu:
Figure 5. Accessing the Shared With menu.
Clicking the “Shared With” menu item (or the “lots of people” link) displays the window in Figure 6 below, which allows users to view the audience that the document has been shared with. If the document has been shared with any SharePoint groups, the members of those groups will be individually displayed here (as opposed to the group). From this window, users may invite additional users or email everyone with access to the document.
Figure 6. Viewing the audience that a document has been shared with.
Clicking the “ADVANCED” button in Figure 6 will display the traditional “Manage Permissions” window (Figure 7), which still looks very much like that of SharePoint 2010. From this window, given sufficient rights, users can view a document’s permissions, break inheritance, re-inherit permissions, add permissions and remove permissions. Users can even check if a specific user or group has appropriate permissions to access the document.
Figure 7. The Manage Permissions window.
As mentioned these are new user interface elements that have been added to allow users to more easily specify the permissions for an item or a document, and thereby more easily share information at a fine grained level.
This is a fundamental change by Microsoft! It means that more focus has been placed on encouraging users to share content than restricting access to content. The traditional Manage Permissions window has always implied that users restrict permissions. As well, it means that Microsoft is willing to allow users to more easily create unique permissions on individual documents and items. This tells us that Microsoft has more confidence in SharePoint 2013's ability to manage unique permissions on individual items. This is very much in line with the increases in unique permissions that SharePoint 2013 supports from a performance perspective (see the following article: Updated SharePoint 2013 Software Boundaries and Limits: Unique Permissions).... and all of this is a very good thing!