Document Libraries

Manage SharePoint document libraries including settings, permissions, and content. Libraries are the primary content storage in SharePoint sites and serve as the file repository for Teams channels.

Permission Levels

SharePoint uses a tiered permission model for controlling access to sites and libraries:

Level	Access	Description
Full Control	Highest	Complete control including managing permissions, site settings, and deletion. Reserved for site collection administrators.
Owner	High	Manage site settings, permissions, and content. Cannot delete site collection.
Member (Edit)	Medium	Add, edit, and delete content. Create lists and libraries. Cannot manage permissions.
Visitor (Read)	Low	View pages and content only. No editing capabilities.
Restricted View	Lowest	View pages only. Cannot download documents or view lists.

Site Groups

Group	Permission Level	Members	Description
Site Owners	Full Control	3 users	Site administrators
Site Members	Edit	24 users, 2 groups	Content contributors
Site Visitors	Read	156 users, 5 groups	View-only access

Permission Inheritance

SharePoint uses permission inheritance from parent to child objects:

Site Collection — Top-level permissions
- Subsite — Inherited from site collection
  - Document Library — Inherited from subsite
    - Folder — Can be inherited or broken (unique permissions)
      - Document — Inherited from folder

Warning: Breaking inheritance creates unique permissions. Changes to the parent no longer affect the item. Use sparingly to avoid permission complexity and audit difficulty.

Managing Site Access

Add Users/Groups

Add individual users to site groups
Add security groups for bulk access
Add Microsoft 365 groups
Invite external guests

Remove Access

Remove from site groups
Remove direct permissions
Revoke sharing links
Block guest access

Access Requests

Users can request access when they do not have permissions to a site or document. Site owners review and approve or deny these requests.

Library Settings

Setting	Description
Versioning	Major versions, or major plus minor versions
Version limit	Maximum number of versions retained
Check out	Require check-out before editing
Content approval	Require approval for new or modified items
Folder creation	Allow or disable folder creation

Library Types

Documents — Default document library for team sites
Site Assets — Media and assets for site pages
Form Templates — InfoPath form storage
Custom — User-created libraries with custom columns and metadata

Storage

Libraries share storage quota with the parent site
Large file support up to 250 GB per file
Version history counts against storage quota
Recycle bin items consume quota for 93 days

Permissions Reports

Generate reports on site and library permissions:

User Permissions — All sites and items a specific user can access
Site Permissions — All users and groups with access to a site
Unique Permissions — Items with broken inheritance across sites

Permission Check

Verify what permissions a user has on a site or item by specifying the user email and site or document URL. This helps audit access and troubleshoot permission issues.

Best Practices

Use groups for permissions — Assign permissions to groups rather than individuals for easier management
Minimize broken inheritance — Excessive unique permissions make auditing difficult; use sparingly
Regular access reviews — Periodically review who has access and remove stale permissions
Limit site owners — Keep the owner group small; too many owners can lead to permission sprawl

API Reference


# Get site permissions
GET /api/sharepoint/sites/:id/permissions


# Add user/group to site
POST /api/sharepoint/sites/:id/permissions


# Remove user from site
DELETE /api/sharepoint/sites/:id/permissions/:userId


# Check user permissions
GET /api/sharepoint/permissions/check

GET /api/sharepoint/sites/:siteId/libraries — List libraries
GET /api/sharepoint/libraries/:id/settings — Get library settings