Using cloned/modified versions of permission levels to control access to Sharepoint Online lists

%3CLINGO-SUB%20id%3D%22lingo-sub-2282272%22%20slang%3D%22en-US%22%3EUsing%20cloned%2Fmodified%20versions%20of%20permission%20levels%20to%20control%20access%20to%20Sharepoint%20Online%20lists%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2282272%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20have%20a%20PowerApp%20with%20a%20sharepoint%20online%20list%20(SPL)%20as%20the%20data%20repository.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20SPL%20is%20part%20of%20a%20SharePoint%20online%20site%20which%20is%20linked%20to%20a%20MS%20Team.%3C%2FP%3E%3CUL%3E%3CLI%3ENone%20of%20the%20users%20will%20be%20owners%20or%20members%20of%20the%20parent%20MS%20Team%20as%20we%20understand%20we%20can%20achieve%20what%20we%20need%20without%20having%20to%20make%20them%20owners%20or%20members%20at%20the%20MS%20Team%20level.%3C%2FLI%3E%3C%2FUL%3E%3CP%3EWe%20are%20trying%20to%20create%20permission%20levels%20against%20the%20SPLs%20as%20follows%20so%20we%20can%20assign%20the%20permission%20levels%20to%20users%20or%20outlook%20distribution%20lists%20by%20via%20opening%20the%20SPL%20%26gt%3B%20List%20settings%20%26gt%3B%20Permissions%20for%20this%20list%20%26gt%3B%20Stop%20Inheriting%20Permissions%20%26gt%3B%20Grant%20Permissions%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3COL%3E%3CLI%3EOne%20permission%20level%20based%20on%20default%20'Full%20Control'%20level%20but%20user%20can%E2%80%99t%20delete%20records%20from%20the%20SPL%3C%2FLI%3E%3CLI%3EOne%20permission%20level%20based%20on%20default%20'Edit'%20level%20where%20they%20can%20see%20all%20SPL%20records%20but%20can%E2%80%99t%20delete%20records%20from%20the%20SPL%3C%2FLI%3E%3CLI%3EOne%20permission%20level%20based%20on%20default%20'Read'%20level%20where%20they%20can%20see%20all%20SPL%20records%20but%20can%E2%80%99t%20delete%20or%20edit%20records%20from%20the%20SPL%3C%2FLI%3E%3C%2FOL%3E%3CP%3EThe%20MS%20page%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Fsites%2Fuser-permissions-and-permission-levels%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Fsites%2Fuser-permissions-and-permission-levels%3C%2FA%3E%20is%20a%20great%20resource%20but%20after%20'cloning'%20(sharepoint%20list%20%26gt%3B%20settings%20cog%20%26gt%3B%20Site%20permissions%20%26gt%3B%20Advanced%20permissions%20settings%20%26gt%3B%20Permission%20Levels%20%26gt%3B%20select%20a%20default%20permission%20level%20%26gt%3B%20Copy%20Permission%20Level%20%26gt%3B%20Create%20new%20permission%20level)%26nbsp%3Bthen%20trying%20different%20combinations%20of%20'List%20Permissions'%2C%20we%20haven't%20been%20able%20to%20achieve%20what%20we%20require.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20it%20possible%20to%20control%20users%20access%20to%20the%20SPLs%20using%20the%20clone%2Fmodify%20approach%20above%20and%20if%20so%2C%20what%20different%20combinations%20of%20'List%20Permissions'%20do%20we%20need%20to%20select%2Funselect%20in%20the%20above%20default%20permission%20levels%20to%20achieve%20such%3F%3CBR%20%2F%3E%3CBR%20%2F%3EHope%20this%20is%20clear%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2282272%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EPermissions%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESharePoint%20Online%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
New Contributor

We have a PowerApp with a sharepoint online list (SPL) as the data repository.

 

The SPL is part of a SharePoint online site which is linked to a MS Team.

  • None of the users will be owners or members of the parent MS Team as we understand we can achieve what we need without having to make them owners or members at the MS Team level.

We are trying to create permission levels against the SPLs as follows so we can assign the permission levels to users or outlook distribution lists by via opening the SPL > List settings > Permissions for this list > Stop Inheriting Permissions > Grant Permissions

 

  1. One permission level based on default 'Full Control' level but user can’t delete records from the SPL
  2. One permission level based on default 'Edit' level where they can see all SPL records but can’t delete records from the SPL
  3. One permission level based on default 'Read' level where they can see all SPL records but can’t delete or edit records from the SPL

The MS page https://docs.microsoft.com/en-us/sharepoint/sites/user-permissions-and-permission-levels is a great resource but after 'cloning' (sharepoint list > settings cog > Site permissions > Advanced permissions settings > Permission Levels > select a default permission level > Copy Permission Level > Create new permission level) then trying different combinations of 'List Permissions', we haven't been able to achieve what we require.

 

Is it possible to control users access to the SPLs using the clone/modify approach above and if so, what different combinations of 'List Permissions' do we need to select/unselect in the above default permission levels to achieve such?

Hope this is clear

 

0 Replies