With the modern experience of SharePoint Online and OneDrive, a lot of user experience improvements were made.

Into these improvements, the simplification of some actions has some side effects that the final users and administrators don't want or don't know, more particularly with the sharing links.

Often, I am seeing during an audit for my customers or hearing when one of them ask me why some peoples have access of somethings whereas they should not behave access? How can I revoke grant access?

I don't need to explain to you how to share or get a link to file on SharePoint Online or OneDrive because some other great posts explain that:

Copy Link in Modern SharePoint – non-obvious security implications you should know about
Recently I encountered a strange issue in a client’s Intranet during the content buildout phase. They’d given read-only access to a group of pilot users, and loaded up their site with p…
Share and Copy Link Breaks Document Permissions in SharePoint
SharePoint has a robust and fine-grained security mechanism for content which allows documents to inherit permissions from the library they are in and also to have unique permissions assigned. Assigning individual permission to documents involves breaking the inheritance structure and is normally do

The thing that you have to know is once you have shared something, this permissions inheritance is broken. Even if you click on Stop Sharing, the permissions inheritances are not restored.

[note]Note

Stop sharing remove all access except for owners (the access for members, visitors, etc. are removed).
SharePoint stop sharing the link

Permissions inheritance

The permissions inheritance, it is a means that to propagate the user's permissions from the parents to the children (that can be a simple definition).

On SharePoint, you can manage independently the permissions for:

  • Sites Collection / Root web
  • Web (subsites)
  • List/Library
  • Folder
  • File/Item

By default, all "artifacts" of SharePoint inherit the permissions from his parent (excepted the Sites Collections that are the "root" level, so no parent).

The modern experience does not provide an interface to manage the permissions inheritance yet and to access it, it depends on artifact:

  • Sites Collection/Web: click on the gear from the Office 365 Ruban > Site Permissions > Advanced permissions settings (at the bottom of the panel)

LsOnline-SPWeb-Modern-AdvancedPerms-01 LsOnline-SPWeb-Modern-AdvancedPerms-02

  • List/Library:
    • From the Site Contents, click on the ellipsis of the target list/library > Settings > from the area Permissions and Management, click on Permissions for this document library (permissions of this list in the case of SharePoint list settings)
      LsOnline-SharingList-EllipsisAccessToAdvanceSettings-1
    • From the Site Contents, open/click on the target list/library > click on the gear from the Office 365 Ruban > Library settings > from the area Permissions and Management, click on Permissions for this document library (permissions of this document library in the case of SharePoint document library settings)
Access to the advanced permissions of a document of SharePoint library
  • Folder/File/Item: click on the item, file, or targeted folder and from the details pane > click on Manage access > at the bottom of the next panel, click on Advanced

Restore the inheritance

Once you are on the manage permissions inheritance interface, you can see from the SharePoint Ruban, into the section Inheritance, the following action:

  • When the inheritance did not break:
SharePoint Ruban actions when the artifact inherit the permissions of the parent
  • When the inheritance was broken, you can delete unique permissions to restore the inheritance:
SharePoint Ruban actions when the artifact has unique permissions



Hoping this post will help you 😉

You may also be interested in