Once you have created a Site, it may require that permission be set to the Site, lists, libraries, folders, and documents. SharePoint methodology of site security is known as Site inheritance.
Note
If you do not have manager access to a Site, you will not be able to break inheritance, add groups, and grant permissions.
Site inheritance is when a defined security automatically inherits permissions from its parent site or even parent element such as a list, library, or folder. By default, a newly created SharePoint Site, list, library, or folder will automatically inherit the permission. The obvious advantage of this is that you do not have to individually security trim every newly defined element.
Security trimming is a term used to define specific access to content or functionality to a small group of people. When security is defined, the security trimming part is that which is normally the last to be implemented. In SharePoint, permissions on any securable object such as Site collection, lists, libraries, folders, and documents are inherited from their parent object. However, you can break this inheritance for any securable object at a lower level in the hierarchy by creating a unique permission on that securable object. For example, you can create a sub site, and break the permission inheritance from the parent if you want to limit (or expand) the group of users who are allowed access, or have permission to access, the Site for security reasons. When inheritance is broken from the parent, the SharePoint element that is now broken has a final inheritance from the parent’s permissions. You can then edit these permissions to be unique.
In the preceding figure, sub Sites A, B, and C inherit permissions from the top-level Site. If changes are made to SharePoint groups and permission levels on the top-level Site, the permissions will be inherited to sub sites. If a change is made to the sub Sites A, B, or C occur, the parent site is being changed as well, if inheritance is not broken on that site.
Note
SharePoint does not allow you to manage permission on a sub Site that is already inheriting permissions from its parent Site.
Sub Site D has unique permissions; therefore it is not inheriting any permission from its parent site. If any changes are made to the permission levels and SharePoint groups on Sub Site D, they remain in this site.
To view the Site permissions, click on Site Actions.
Select Site Permissions to view which users and groups have access to the site, and the type of access this is.
From the preceding example, we can see that:
This inheritance concept can be broken by clicking on the Stop Inheriting Permissions button on the Ribbon.
The impact of doing this is that any new groups that are created in the parent site will not propagate to this Site and its contents. New users that are created and are within an existing group will still have access to the Site.
Tip
We recommend that you think very carefully before breaking inheritance because this increases the administration of user access to Sites. If you are new to the SharePoint technology, breaking permission inheritance can cause access issues with users, because you do not realize sub sites are not inheriting new user permissions until users start complaining.
Note
Often, if a user clicks on a link and they cannot immediately access the information, they normally assume that the information is not available and will fail to report the access issue. Unfortunately, this does not help user acceptance of a new Site.
A Site, list, library, item, and document can re-inherit permissions from the same menu as Stop Inheriting Permissions.
To change permissions on a document, select it and click on Manage Permissions from the drop-down menu.
You can also secure a document from the Office client.