Skip to content

Security Scopes

Last updated on January 12, 2014

When you absolutely have to use unique permissions while building SharePoint applications; do it the fastest way possible.

In the case of an application where every item in a list is meant to have broken inheritance and uniquely assigned permissions you see a lot of guys doing this. A case where you passed the BreakRoleInheritance method a value of true then looped over the ACL collection of SPRoleAssignments to strip everything off.


Figure 1.

A much more scalable practice is to pass false to the BreakRoleInheritance method.


Figure 1.

Here’s a great post on what Unique Permissions really mean in SharePoint; “Clarify the Security Scope limits in SharePoint lists,” Joel Plaut 2012. Regarding the limit of unique permissions a List can contain be 50k; “The limit is not the unique combinations of ACLs, but instead the number of times permissions has been broken from a parent.”

Of course the moral of this story is to build SharePoint apps that don’t use unique permissions. But when you have to, do it fast.

Published insharepoint

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.