Site Permissions Breaking Bad, episode 1

BreakingPermissionsThe Survey.

In my earlier post, I showed default site permissions and what happens when you break permissions in one library.

This time I will show another common scenario with non-standard permissions, that may give issues if you do not set it up properly.

Scenario: Your list or library has a larger audience than the rest of the site.
This is quite common when you conduct a survey or have a request list in your site. You give your target audience contribute access to the survey or request form. They will generally not need to do anything else in your site.

In the picture below, the yellow circle is an additional members group with access to the one list, only.

A common setup for a survey, or a request form. The audience has access to the one list only.
A common setup for a survey, or a request form. The audience has access to the one list only.

This is an adequate setup if you are conducting a one-time survey, or have a request form where you invite people to participate via a link distributed by email. But in the following cases your users will still experience issues:

  • If you use a “Thank you page” after submitting feedback. The “Thank You”  page lives in another part of the site. Users will get an access denied as soon as they hit “Save”. Their feedback will be saved, but it is an unpleasant experience which will lead to many questions.
  • If you send them the link to the site, and ask them to navigate to the survey or request form, or click the survey/request form link or button. They will get an access denied when they try to enter the site.
  • If there are drop-down fields in the request form that use lookup lists. If they do not have access to the lookup lists, they will get a blank drop-down box.

Suggestion for a different setup.

  1. Determine if the rest of the site content is very confidential. If yes, store your survey in a less confidential environment. If not, proceed with 2.
  2. Add everyone in your audience to the a new group with Read access
  3. Create the survey, request form, library or other “app” 🙂  (I think it is really funny that lists are called Apps now)
  4. Now break permissions in the list or library
  5. Edit permissions for the new group from “Read” to “Contribute” in that list
  6. Break permissions in any confidential lists/libraries from your visitors and remove the new group. (Optional)

Your site’s permissions will now look like this. Much better and less issues!

Your audience now has read access throughout the site (with perhaps an exception or two) and contribute permissions for the list. This is less error-prone.
Your audience now has read access throughout the site (with perhaps an exception or two) and contribute permissions for the list. This is less error-prone.

Giving people access to one library or list only, is like asking the painter to come in through the window, not through the front door. It is better to let him in through the front door, and close or lock some rooms, than the other way around.

Next time, another example of how breaking permissions can go really bad!

Title inspired by award-winning series Breaking Bad.

Image courtesy of David Castillo Dominici at FreeDigitalPhotos.net

Advertisements

2 thoughts on “Site Permissions Breaking Bad, episode 1

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s