The influence of Activating SharePoint Server Publishing Infrastructure on Security Trimmed Navigation

Security and Navigation, it’s something we need to be really careful with. it’s really frustrating seeing navigation items where you don’t have access to and it’s even more annoying to not see your navigation even though you have access to the library or to one of the items in it. According to the technet article giving access to an item is a SharePoint Library for a certain user will result in the assignment of Limited Access on the top levels to

“is to allow enough access to the object hierarchically above the uniquely permissioned item so that the Object Model (OM), master pages, and navigation can display when the user attempts to navigate to the item. Without the Limited Access permissions at the parent scopes, the user wouldn’t be able to successfully browse to or open the item that has unique permissions.”

This results in:

IIustrates object hierarchy for a document library, in which all objects but one inherit their scope from their parents.


IIustrates how the hierarchical depth of scopes can affect the amount of work required to add Limited Access users to parent scopes.

Let me transform this into a Real Case Scenario:

We have a Document Library Finance where only the CFO and his team have access to. In the current navigation (left side menu) only the CFO and his team will see the Document Library Finance. Every other employee will not see it since they don’t have access to the Library or to any document in that Library.

One document Expenses.xlsx must be editable for every user since they have to add their expenses in that spreadsheet. So the CFO assigns everyone with Contribute rights. As mentioned in the technet article everyone will receive Limited Access rights on the Library. In SharePoint 2013 limited access rights are not shown in the Permission Overview to avoid any confusion like we had in SharePoint 2010. So Far So Good, everyone can see the library Finance.

Since we want to incorporate some publishing features like Master Pages, Page Layouts, … we need to activate SharePoint Server Publishing Infrastructure. At that exact moment the library Finance disappears from the Current Navigation. It is only visible to the CFO and his team. The document Expenses.xlsx is only available through a direct link or when used by the WebPart/AppPart Finance. 

Deactivating the feature doesn’t rollback the damage. So Be Very Careful. Since it occurs in SP On Premises & Online I doubt it that it’s a bug but a change/feature/opportunity in the platform. In my humble opinion a bad one. I’m still hoping it’s a bug. I’m also hoping pigs can fly and hell freezes over, …

I’ve made a screen cast of a similar process which you can find on YouTube : ..

Leave a Reply