This SharePoint tutorial, we will discuss how to implement SharePoint item level permissions for list items in SharePoint Online or SharePoint 2013/3016.
Lots of time you will get scenarios where you want the user to see only items created by themselves. For example, If your employees are giving feedback, then you will want a user can see their own feedback, not others.
Similarly, in case of a Leave Request list, you do not want everyone to see all the items, rather each user should see there own items in the same SharePoint List. In those cases, we can implement SharePoint item level permissions for the list or document library.
Here is my business requirement, I have SharePoint Online list “Employee Details” which contains details about every employee. Our aim is when employee logged in with their credential, they should be able to see their details, they should not see other employee’s details. By using SharePoint item level permissions we will see how we can achieve this functionality.
SharePoint manages permissions very effectively, from Site level to List or document library level and till item level. Item level permission means, only those users will have access to the item who has been provided.
Here the SharePoint Online list has below columns like below and which has below items.
From the list ribbon, click on “List Settings” to go to the List Settings page.
In “Advanced Settings” page on”Item Level Permission” we can able to see
- Read access
- Read all items: If you choose this option then any user who is having read access can be able to see all items from the list.
- Read items that were created by the user: If you choose this option, then logged in user can able to see items which is added by them only. Logged in user can not see items created by other users.
- Create and Edit access
- Create and edit all items: If you choose this option, then users having create and edit access can be able to add or item all items from the SharePoint List.
- Create items and edit items that were created by the user: In this case, the user having create and edit access can create items which are created by them only. They cannot edit items created by other users from the SharePoint list.
Note: When we checked the none option then no one can able to see items neither logged in user nor created item user. Basically, this option is used very rare situation. Sometimes only this option is used based on the requirement.
The options looks like below:
Here you can see, the logged in user can able to see the item which he has added to the “EmployeeDetails” list. In this list he has only added one item.
- The “Item Level Permission” is not available in “Issue tracking” list and “Document Library” templates in SharePoint. In the “Advanced Settings” page we could not able to find the “Item Level Permission” option. In the “DocumentLibrary and IssueTracking List” other process are there to manage permission.
- If a user has “Contribute” and “Edit” level permission then only Item Level Permission will work. Otherwise, if the user has full control and design permission is there then it overwrites on Item level Permission. For example, two users are there user 1 and user 2. User1 added some item to the list and go to advanced settings and checked the “Read items that were created by the user” and “Create items and edit items that were created by the user” option. Suppose user2 have full control to this site. User 2 will be logged in to the site .user1 thinks that no one can see the items which he is added to the list but user2 able to see all item just because he has full control permission. The Item Permission Level will not work there.
Now I will show how you can manage item level permission in SharePoint document library through unique permission in SharePoint 2013/2016 or SharePoint Online.
I have created a “Document Library” in SharePoint Online and Uploaded some of the Documents like below
Suppose I want to give item level permission to one item, then Select one item right click on the item we can able to see “Advanced“. Select the Advanced and click on “Shared With” like below:
When we click on Shared With we can able to see some name which is by default. Click on “STOP SHARING” to stop Sharing the documents to the by default user. By default, all the user having access to the list/library will have access to all the list or documents.
To Share more user click on “Invite people” we can able to see a box to add user name. Now click on Share.
Here I am Sharing this particular documents to User2. So when we logged in with User2 we can able to see all the documents in User2.
When we logged in with User1 we can able to all the documents but the documents which I have to send to User2 it is not displaying. I have already sent one more document to User2 so 2 documents is not displaying in User1 Document Library.
If the User1 have full control then above manage permission for document library is not working.
That means here the document is sent to User2 then also User1 able to see all the documents because User1 has full control permission. So this manages permission thing override by full control permission.
In the above article, we were discussed on SharePoint item-level permissions. How we can manage SharePoint item level permission and then also we discussed how to give unique permissions to documents inside a document library in SharePoint Online.
You may like following SharePoint tutorials:
- Disable document edit properties based on user permission in SharePoint document library
- SharePoint 2016 permission levels
- SharePoint Create Subsite with Unique Permissions in SharePoint 2013/2016/Online
- SharePoint Unique Permissions to List & Document Library in SharePoint Online Step by Step Tutorial
- SharePoint 2013 permission groups
- You do not have permissions to access a SharePoint list that contains data required for this form to function correctly
- What are SharePoint Permission levels? How to Create Custom Permission Levels in SharePoint 2013 Online?
- You do not have permission to open this web site in sharepoint designer 2013
- SharePoint Online: Activate Workflows can use app permissions Feature programmatically using CSOM
- SharePoint Online: Remove-SPOSite Access denied You do not have permission to perform this action or access this resource
I am Bijay from Odisha, India. Currently working in my own venture TSInfo Technologies in Bangalore, India. I am Microsoft Office Servers and Services (SharePoint) MVP (5 times). I works in SharePoint 2016/2013/2010, SharePoint Online Office 365 etc. Check out My MVP Profile.. I also run popular SharePoint web site EnjoySharePoint.com