Forum Discussion
Custom list - item-level permissions
Hi Torill,
the item permission will really secure the content from other users, there's no way to access them, also not via SharePoint search.
However, Administrators and Site Owners with Full Control still have the access and can see all items. This makes sense, because users with Full Control are responsible to maintain the site and therefore should have access to all within this scope.
However, as Tiago already stated, I'd be careful with item level permission. The limit will be reach very fast, when you have a couple of users and items. See this scenario: You have 3 items and 3 users. How many single item permission do you have? Three? No, it's 9 already!
Item 1:
User 1 yes
User 2 no
User 3 no
item 2:
User 1 no
User 2 yes
User 3 no
item 3:
User 1 no
User 2 no
User 3 yes
Hence, I'd only recommend to have this on a small list with only a few users and make sure you have a kind of retention that outdated items (and their permissions) will be deleted automatically.
Summarized, item level permissions really secure each item, but consider above mentioned limitations. If you want to achieve a certain scenario, please let us know and we can maybe recommend best practices. :-)
Happy "SharePointing"
Hi Torill,
the item permission will really secure the content from other users, there's no way to access them, also not via SharePoint search.
However, Administrators and Site Owners with Full Control still have the access and can see all items. This makes sense, because users with Full Control are responsible to maintain the site and therefore should have access to all within this scope.
However, as Tiago already stated, I'd be careful with item level permission. The limit will be reach very fast, when you have a couple of users and items. See this scenario: You have 3 items and 3 users. How many single item permission do you have? Three? No, it's 9 already!
Item 1:
User 1 yes
User 2 no
User 3 no
item 2:
User 1 no
User 2 yes
User 3 no
item 3:
User 1 no
User 2 no
User 3 yes
Hence, I'd only recommend to have this on a small list with only a few users and make sure you have a kind of retention that outdated items (and their permissions) will be deleted automatically.
Summarized, item level permissions really secure each item, but consider above mentioned limitations. If you want to achieve a certain scenario, please let us know and we can maybe recommend best practices. :-)
Happy "SharePointing"
It's not working for me (in SPOnline). My test users only have read and create (add), but they are able to see all of the list items that they did not create. The advanced settings are Read items that were created by the user & Create items and edit items that were created by the user.
Hi Ronald, when you break inheritance, it first copies the existing permissions. Hence, if you really want to limit on item level basis, remove all existing permissions first and the start assigning new permission.
Zoltan Bagyon is also right, there may be some "Limited Permissions" on the root or other higher permissions anywhere else in the "SPO universe", which could still grant you concerning users access. Try his suggested solution to check the resulting permissions on your items.
When I share an individual list item with someone, I set it as "Edit". However, when the users go to edit the list item, they cannot. When I check the unique permissions, it reads Contribute. I have to grant edit permissions manually. Why would it give me the option to edit when the user only receives contribute permissions?
I suggest to identify the source of your test users' permission through "Check permissions", perhaps they are inheriting rights you are not aware of.
