Permissions

SharePoint Permission Sets

In the workflow configuration file, you can specify four permission sets that can be quickly and easily assigned to a user using the Add-KFPermission, Remove-KFPermission, and Update-KFPermission cmdlets.

We have compiled 6 meaningful SharePoint permission set that are often used. These follow the well-known CRUD model (Create, Read, Update, Delete). We have added "M" for "Manage" and "A" for "Approve".

Users or groups that have the corresponding permission set can perform very special tasks.

For example, anyone assigned "Create" may create elements, but not automatically read them. Accordingly, a user with "Read" permission may not automatically create elements.

You can specify names for the 6 permission sets in the workflow configuration file.

With the program command --createpermissionsets these permission sets are created in SharePoint and equipped with rights ("Base Permissions") according to our specifications.

Here is an overview of how the permission sets are defined:

Create:

  • Add list Items (AddListItems)
  • Show List Items (ViewListItems)
  • Create Alerts (CreateAlerts)
  • View Pages (ViewPages)
  • Open (Open)

Read:

  • View list Items (ViewListItems)
  • Open List Items (OpenItems)
  • Show Version (ViewVersions)
  • Show Pages (ViewPages)
  • Open (Open)

Update:

  • Edit List Items (EditListItems)
  • Show List Items (ViewItems)
  • View Pages (ViewPages)
  • Open (Open)

Delete:

  • Delete List Items (DeketeListItems)
  • View List Items (ViewItems)
  • Show Versions (ViewVersions)
  • Delete Versions (DeleteVersions)
  • Use APIs (UseRemoteAPIs)
  • View Pages (ViewPages)
  • Open (Open)

Manage:

  • Edit list items (EditListItems)
  • View list items (ViewItems)
  • Approve list items (ApproveItems)
  • Open list Items (OpenItems)
  • Browse directories (BrowseDirectories)
  • Show Versions (ViewVersions)
  • Enumerate Permissions (EnumeratePermissions)
  • Manage Permissions (ManagePermissions)
  • Browse User Infos (BrowseUserInfo)
  • Open (Open)

Approve:

  • View list items (ViewItems)
  • Approve list items (ApproveItems)
  • Open list Items (OpenItems)
  • Show Versions (ViewVersions)
  • Browse directories (BrowseDirectories)
  • Enumerate Permissions (EnumeratePermissions)
  • Browse User Infos (BrowseUserInfo)
  • Open (Open)

Discussion