Andrew MacGregor on Fri, 12 Feb 2016 08:59:05
I have a SharePoint Server 2013 On Premise site, 1 document library and some folders
Cust A has access to the Site (Members group)
Cust A has Limited access to the Library (Inheritance is broken at library level)
1 folder in the library has been shared with Cust A and they have been given Edit rights to the folder
A link has been sent to Cust A and they can access the folder, view the files in the folder and open/edit any existing files.
The problem arises when Cust A tries to create a new file in the folder, either using the library Content Type or saving a new document from the Word Client, at this point they get the prompt to enter their user name and password and after doing this they get a 401 Unauthorised Access error in the browser.
If Cust A is given Read access to the library then they can add new files but this gives them access to the other folders in the library. Any level below Read e.g. View Only does not work.
I have tried this on different sites and the get the same result. I would be surprised if this is expected behaviour as it must be possible to share a single folder and allow someone to save new content into that single folder
Any help on where to trouble shoot would be appreciated
IMSunny on Fri, 12 Feb 2016 13:26:01
Well here's what I found out -
1. Given Edit permissions to A on site level
2. Inheritance broken for document library.
3. Explicitly granted edit access on a folder in this document library.
4. Logged in as A using direct url of the folder
AND got the error -
Sorry, you don't have access to this page
Only if I grant minimum "View Only" access on the document library, I am able to work on the documents in the folder.
Although with view only access on the document lib i can view other folders and documents, I will not be able (actually I was not able to) open any document and rightly so.
Nonetheless; this behavior where accessing Folders with explicit permission through error seems to me that this is a potential bug.
Andrew MacGregor on Fri, 12 Feb 2016 13:34:55
Thanks for testing this out. I was able to view/read files in the Folder, with the broken inheritance, without granting additional rights to the Library. I assumed this was due to SharePoint granting limited permissions to the user.
As you point out granting additional permissions allows the customer to see the other folders which is pointless. I thought this would be a fairly regular requirement and had hoped someone would have encountered this.
Thanks for helping with this.