WSS Rights Mask is an 8-byte, unsigned integer that specifies the rights that can be assigned to a user or site group. This bit mask can have zero or more flags set.
The values of the permission mask bits are specified as follows.
|
Symbolic name
|
Value
|
Description
|
|
EmptyMask
|
0x0000000000000000
|
Grant no permissions.
|
|
FullMask
|
0x7FFFFFFFFFFFFFFF
|
Grant all permissions.
|
The list and document permissions (0x000000000000XXXX) are specified as follows.
|
Symbolic name
|
Value
|
Description
|
|
ViewListItems
|
0x0000000000000001
|
Allow viewing of list items in lists, documents in document libraries, and Web discussion comments.
|
|
AddListItems
|
0x0000000000000002
|
Allow addition of list items to lists, documents to document libraries, and Web discussion comments.
|
|
EditListItems
|
0x0000000000000004
|
Allow editing of list items in lists, documents in document libraries, Web discussion comments, and to customize Web part pages in document libraries.
|
|
DeleteListItems
|
0x0000000000000008
|
Allow deletion of list items from lists, documents from document libraries, and Web discussion comments.
|
|
ApproveItems
|
0x0000000000000010
|
Allow approval of minor versions of a list item or document.
|
|
OpenItems
|
0x0000000000000020
|
Allow viewing the source of documents with server-side file handlers.
|
|
ViewVersions
|
0x0000000000000040
|
Allow viewing of past versions of a list item or document.
|
|
DeleteVersions
|
0x0000000000000080
|
Allow deletion of past versions of a list item or document.
|
|
CancelCheckout
|
0x0000000000000100
|
Allow discard or check in of a document that is checked out to another user.
|
|
ManagePersonalViews
|
0x0000000000000200
|
Allow creation, change, and deletion of personal views of lists.
|
| |
0x0000000000000400
|
Reserved.
|
|
ManageLists
|
0x0000000000000800
|
Allow creation and deletion of lists, addition or removal of fields to the schema of a list, and addition or removal of personal views of a list.
|
|
ViewFormPages
|
0x0000000000001000
|
Allow viewing of forms, views, and application pages, and enumerate lists.
|
| |
0x000000000000E000
|
Reserved.
|
The Web level permissions (0x0000XXXXXXXX0000) are specified as follows.
|
Symbolic name
|
Value
|
Description
|
|
Open
|
0x0000000000010000
|
Allow access to the items contained within a site, list, or folder.
|
|
ViewPages
|
0x0000000000020000
|
Allow viewing of pages in a site.
|
|
AddAndCustomizePages
|
0x0000000000040000
|
Allow addition, modification, or deletion of HTML pages or Web part pages, and editing of the site using an editor compatible with Windows SharePoint Services.
|
|
ApplyThemeAndBorder
|
0x0000000000080000
|
Allow application of a theme or borders to the entire site.
|
|
ApplyStyleSheets
|
0x0000000000100000
|
Allow application of a style sheet (.css file) to the site.
|
|
ViewUsageData
|
0x0000000000200000
|
Allow viewing of reports on site usage.
|
|
CreateSSCSite
|
0x0000000000400000
|
Allow creation of a site using Self-Service Site Creation, an implementation-specific capability of Windows SharePoint Services.
|
|
ManageSubwebs
|
0x0000000000800000
|
Allow creation of a subsite within the site or site collection.
|
|
CreateGroups
|
0x0000000001000000
|
Allow creation of a group of users that can be used anywhere within the site collection.
|
|
ManagePermissions
|
0x0000000002000000
|
Allow creation and modification of permission levels on the site and assigning permissions to users and site groups.
|
|
BrowseDirectories
|
0x0000000004000000
|
Allow enumeration of documents and folders in a site using [MS-FPSE] and WebDAV interfaces.
|
|
BrowseUserInfo
|
0x0000000008000000
|
Allow viewing the information about all users of the site.
|
|
AddDelPrivateWebParts
|
0x0000000010000000
|
Allow addition or removal of personal Web parts on a Web part page.
|
|
UpdatePersonalWebParts
|
0x0000000020000000
|
Allow updating of Web parts to display personalized information.
|
|
ManageWeb
|
0x0000000040000000
|
Allow all administration tasks for the site as well as manage content.
|
| |
0x0000000F80000000
|
Reserved.
|
|
UseClientIntegration
|
0x0000001000000000
|
Allow use of features that launch client applications; otherwise, users must work on documents on their local machines and upload changes to the WFE.
|
|
UseRemoteAPIs
|
0x0000002000000000
|
Allow use of SOAP, WebDAV, or [MS-FPSE] to access the site.
|
|
ManageAlerts
|
0x0000004000000000
|
Allow management of alerts for all users of the site.
|
|
CreateAlerts
|
0x0000008000000000
|
Allow creation of e-mail alerts.
|
|
EditMyUserInfo
|
0x0000010000000000
|
Allow users to change their own user information, such as adding a picture.
|
| |
0x0000FE0000000000
|
Reserved.
|
The Special permissions (0xXXXX000000000000) are specified as follows.
|
Symbolic name
|
Value
|
Description
|
| |
0x3FFF000000000000
|
Reserved.
|
|
EnumeratePermissions
|
0x4000000000000000
|
Allow enumeration of permissions on the site, list, folder, document, or list item.
|
| |
0x8000000000000000
|
Reserved.
|