Question

Best Practices question for everyone: What is the best way to manage different permission levels within the same content warehouse?

I work for a client who has two distinct brands. I am working on an initiative to reduce their SharePoint farm size and increase collaboration by merging their two SharePoints into one Site Collection. There are three types of documents:

  1. Brand A Confidential Content
  2. Brand B Confidential Content
  3. Shared Content

Ideally, a MetaData based permissions system would allow me to simply limit document exposure based on assigned MetaData (Brand, or Confidentiality Level). But I am not familiar with a native functionality like this and the client is concerned with LT support/stability for an items based permissions system like what is discussed here: Implementing permissions based on metadata

So the plan as of today is:

  • Create a single shared Site Collection with 3 content repositories (libraries)
  • Break permissions at the library level and then use a query to pull together the content from the libraries the user has access to onto one page

Questions

  • Am I missing something with regards to MetaData based Permissions?
  • Is there a way to have one content repository and then limit the view / access to confidential content based on user permissions (must be secure)?
  • Or is the above plan the best course of action?

All suggestions are appreciated!

Solution

You can secure one library based on folders. But if the information is confidential I would use the 3 library approach just to ensure users don't accidentally reset permissions somewhere and now all of your content is shared with people who shouldn't see it. Item level permissions are not recommended as the performance takes a drastic nose dive the more documents you have.

While it might be nice to throw it all into one library, separating concerns should be taken into account here. There are many ways to aggregate the data using things like search, content query web parts, dataview web parts, etc.

There are no metadata-based permissions that I know of, and I haven't heard of anyone in the ISV space implementing them.
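
An audit for the three-library plan discussed above, added here as an example and not part of the original question or answer. It assumes an on-premises farm with the SharePoint server snap-in available; the site URL, library titles and group names are hypothetical placeholders. It flags a library that still inherits from the site, any principal outside the allow-list, and any folder or document whose inheritance has been broken.

```powershell
# Added example: URL, library titles and group names are assumptions.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$siteUrl = "https://sharepoint.example.com/sites/shared"   # placeholder
# Library title -> the only principals expected to hold permissions on it
$expected = @{
    "Brand A Confidential" = @("Brand A Members", "Site Owners")
    "Brand B Confidential" = @("Brand B Members", "Site Owners")
    "Shared Content"       = @("Brand A Members", "Brand B Members", "Site Owners")
}

$web = Get-SPWeb $siteUrl
try {
    foreach ($title in $expected.Keys) {
        $list = $web.Lists.TryGetList($title)
        if ($null -eq $list) { Write-Warning "Library '$title' not found"; continue }

        # 1. The library must carry its own permissions, not the site's.
        if (-not $list.HasUniqueRoleAssignments) {
            Write-Warning "'$title' still inherits permissions from the site"
        }

        # 2. Every principal on the library must be on the allow-list.
        foreach ($ra in $list.RoleAssignments) {
            if ($expected[$title] -notcontains $ra.Member.Name) {
                $roles = ($ra.RoleDefinitionBindings | ForEach-Object { $_.Name }) -join ", "
                Write-Warning "'$title': unexpected principal '$($ra.Member.Name)' [$roles]"
            }
        }

        # 3. No folder or document should have its own permission scope;
        #    one forgotten break or reset is how confidential content leaks.
        #    (Enumerating every item is slow on large libraries; run off-hours.)
        foreach ($entry in @($list.Folders) + @($list.Items)) {
            if ($entry.HasUniqueRoleAssignments) {
                Write-Warning "'$title': unique permissions on $($entry.Url)"
            }
        }
    }
}
finally {
    $web.Dispose()
}
```

Run it on a schedule from a farm server and treat any warning as a permission change to review.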

Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange