Documents in libraries with draft item security enabled are version controlled and only allow access to draft versions if the user is either part of the approvers group or that user is the original author.
Outside of these specific instances a regular user cannot view drafts which can be an issue for users who have to review or view documents.
Currently the best solution we’ve found to this issue is to first grant Unique Permissions on the specific document, and then to specifically grant approval rights on users who will be part of the review process, once the process has finished unique permissions on the document can be revoked. This process is covered step-by-step below.
Granting Unique Document Permissions
- Access the Controlled Library.
- Select the document you wish to grant unique permissions to.
- open the FILES tab then select ‘Shared With’.
- Select ‘ADVANCED’ in the window that opens which will open the advanced permissions page.
- Click ‘Stop Inheriting Permissions’ in the PERMISSIONS tab then click OK to confirm.
- Select ‘Grant Permissions’ in the PERMISSIONS tab.
- Once the window loads enter the names of the users who will be granted access to the file.
- Select ‘SHOW OPTIONS’ and untick ‘Send an email invitation’ unless you want the users to receive notification that they now have access.
- Change the Permission Level field to ‘Approve’ and then click SHARE.
Removing Unique Document permissions
Once the document has been reviewed or the need for access has passed it is good practice to remove unique permissions on the document so that permission changes are automatically inherited.
- Follow steps 1 – 4 above.
- Select ‘Delete unique permissions’ then click OK to confirm.
Checking Current User Permissions
The current permissions of any user can be easily found by following steps 1 – 4 in the ‘Granting Unique Document Permissions’ then doing the following –
- Select ‘Check Permissions’.
- Search for the user you want to check the permissions of and then select ‘Check Now’.
- SharePoint will now list the groups the user is part of and any permissions specifically applied to the user. This also works for SharePoint groups.