Forum Discussion
Share to "People with existing access" breaks role inheritance
Hi everyone,
we figured out a behavior with sharing items/documents in SharePoint which from our point of view is a bug.
Let us assume that the user "Jon Doe" is the owner of a SharePoint Site Collection / Web. Now another user navigates to a document in a library, selects a document and clicks the "Share" action. Than he chooses "People with existing access"
We select "John Doe" who already has access to this document because he is the owner of the site and click "Apply".
SharePoint now breaks the role inheritance of the item and inserts Johns dedicated account. The expected behavior should be: SharePoint recognizes that John already has access and simply sends him the link.
The actual behavior leads to unnecessary item level permission which where hard to monitor and control in terms of security and governance.
Any advice, ideas or tipps on how to assign this to the right people at Microsoft?
Thanks
Björn
Hi all,
The bad news is that this is unexpected. When sharing with a "People with existing access link", it should only send the user a canonical URL and it definitely shouldn't permission the user to the item.
The good news is that a fix is already rolling out and so this should go away shortly :)
Thanks!
Stephen Rice
OneDrive Program Manager II
52 Replies
Hi Bjorn,
I have the same experience and frustrations with item level sharing. For sites with restricted content we disable sharing and coach users to provide document URL locations.
It's not the best user experience but it preserves the security model.
I voted on your user voice.
Norm
- StephenRice
Microsoft
Hi all,
The bad news is that this is unexpected. When sharing with a "People with existing access link", it should only send the user a canonical URL and it definitely shouldn't permission the user to the item.
The good news is that a fix is already rolling out and so this should go away shortly :)
Thanks!
Stephen Rice
OneDrive Program Manager II
- So will this go back to how it used to work where the direct URL will be copied? Or will it still be a generated link minus the permission setting?
- I think the reason they did this now, because it used to actually work before where it would just give a direct link to the item, which I preferred myself. But the new "See who read your file" etc. in the hover card, pulls from the Link data I think. So they replaced it with links too.
I wish we had a way like we used to, to get the raw file location easy. Used to be able to just right click and copy link and get a link to a file. Now right click opens SharePoint menu, and copy link turns it to a sharing link. Need at least a "Copy Direct Link" option if anything. Then I could live with the sharing dialog how it's been changed. I believe this is working as intended by MS. (I'm with you - I don't like it either).
And additionally, within our concrete use case, only site owners are allowed to share documents to people outside the site collection. Now when a member of the site uses the SHARE button just to inform another member that a document has changes, a workflow will always kickoff an approval e-mail for the owners because of the item permissions that have to be changed (disgusting!!)
If this is intended by Microsoft I do not understand the difference between
"People in my Organisation" vs. "People with existing access", because both options lead to item level permissions ;-(
If I transfer this to a support request within O365 Admin center, I bet this will lead to a never ending story :-( I raised a request in https://sharepoint.uservoice.com/forums/329214-sites-and-collaboration/suggestions/36499336-enhance-item-security-share-to-people-with-exis
- Raise a support issue in the Office365 admin center with a SharePoint topic as the issue
