We are trying to create a group for our Intranet that would allow people to create news posts, but not publish them. Users who have the default Edit permission, are able to publish. Which settings do I need to add to allow people to add drafts, but not publish?
You could enable content approval for the site page library. Go to library settings-> Versioning settings-> enable content approval for the library:
Usually, when an item is in Pending status, only the item originator and the people who have permissions to manage lists and libraries can see it. After its status changes from Pending to Approved, it becomes visible to anyone who has permission to view the list or library.
Read this article for more:
https://support.microsoft.com/en-us/office/require-approval-of-items-in-a-site-list-or-library-cd0761c4-8c3f-4ea2-9435-13c28aa23d08
Related
I'm trying to setup an Azure project page. An issue that I am running into is that the users I have do not have access to do a lot of the maintanence related items on the Sprint Boards and they also do not have the ability to add/edit in the Wiki pages. Some examples of things that users need on the sprint board are: adding new tags, and deleting work items. I've tried granting access levels to all users both individually and under their team, but that doesn't seem to work.
I've even went as far as adding a user to the Project Admin group (which should give them full access) and they still cannot even add/edit a Wiki page or do any of the maintenance on the sprint board. I'm the owner of the project and have all of this access. What settings/permissions do I need to do to get this to work?
If users having the Contributors role in Azure DevOps Projects, then they can edit the wiki pages by default.
This Contributors group/role will provide write and read access to the repositories, pipelines, work tracking, etc.
Check the restrictions to the users and groups by going to this path and modify according to your requirement:
Refer to the Azure DevOps Wiki Permissions Official Doc and this AzureDevOps-Permissions&AccessLevelManagement for more information.
There is a option in the App Catalog to share an app. We can select Can Edit option and share. But I could not find what actually happens when you do this. Where does this permission get affected?
Since "Apps for SharePoint" is another type of document library which contains your app package. The "Share" menu item should be the same one as the list item or document which provides item level permission management. You can configure the specific apps to be accessed by specific users for specific actions, like edit if you don't want your apps to inherit from default "App for SharePoint" library's permission sets.
I have a site collection with a subsite. I am storing a roadmap and some other project management documents within a document library in my subsite. I would like to share that document library with an internal user, but I don’t want her to see anything else – just that document library. I don’t want her to see any other parts of the site. Can I do that? How?
Yes,
Go to Site Settings > Site Permissions
Remove the user from all groups (click on Check Permissions to see what permissions she has on your site).
Go to the document library and click on the Library tab in the
ribbon.
Click on Shared With (far to the right)
Click on ADVANCED
Click on Stop Inheriting Permissions, confirm with Ok
Click on Grant
Permissions and give the user the appropriate rights (read, edit
etc.)
EDIT:
This is for a SharePoint 2013 site. Sorry for that. I dont have a SharePoint 2010 site available right now so I cant give you the exact steps, but the concept is still the same:
Remove the users permissions to the site.
Stop inheriting permissions for the document library
Grant the user permissions to the documet library
I have a sub-site (http://mysite/documentcenter). My user is in Site Collection Administrators, so I can see and click the move button in site content and structure of sub-site.
But the other users, who has contribute access to all documents, can't see the Move button - it completely disappeared, it's not greyed out.
How can I make the move button display for the other users?
I know this question is a bit old but, you need to have the following Permission Level enabled or Move is not available.
Manage Web Site - Grants the ability to perform all administration tasks for the Web site as well as manage content.
I would be very careful assigning this permission though as it adds a whole slew of additional access for the user(s).
Make sure Add and Customize Pages permissions is present. There could be a Deny mask coming in from User Policy from central admin, which can overwrite Site Collection admin permissions.
What are the minimum SharePoint 2010 permissions required to allow a user to personalize a web part page, allowing updates and adding web parts to the page but completely restrict the user modifying the shared version?
I initially copied the built-in “Read” permission level and added the “Manage Personal Views”, “Add/Remove Personal Web Parts” and “Update Personal Web Parts” permissions from the Personal Permissions group. This custom permission level was then applied to a user who then viewed a web part page created by the Administrator, which contained only a very simple prototype SharePoint web part. This web part contained a modifiable label which was edited using the “Miscellaneous” section from the Edit Web Part from the standard SharePoint chrome.
With the custom permission level applied the “Miscellaneous” option it is not available to the user upon personalizing the page and selecting Edit Web Part. The “Miscellaneous” option only becomes available to the user when the permission level is further modified to have the “Edit Items” from the List Permissions group. This has the undesired effect of allowing the user to be able to modify the shared version of the page.
Is what I’m trying to achieve even possible?
Many thanks
Check this out: http://akifkamalsyed.wordpress.com/2011/01/17/personalizable-web-part-custom-property-not-shown-for-users-with-contribute-permission-level/
It's probably because you don't have a safecontrol for the webpart with the attribute SafeAgainstScript