File Subscriptions are represented as List Items in SharePoint

All file download/upload is done with the user’s own account and associated permissions.

When the client program on the user’s machine (or Server) initiate file sync, the List Items associated with that user, known as the Subscriber, is downloaded and processed one-by-one.

Control Sync for SharePoint is using 3 SharePoint Lists for subscription management and monitoring.
Below is the minimum user permissions required for the 3 Lists.

List Name Purpose/Role Permission
Subscription Custom List: File Subscriptions. Users can have multiple subscriptions to Document Libraries or Folders from different Site Collections. View Only
Event Log Custom List: Logging of the file actions and warnings/errors issued. (Files Copied/Replaced/Deleted/Conflicted etc.) Add Item
Version Control Document Library: New version of custom business logic. View Only

There are many ways of setting up permissions. However using the ‘Best practice’ described below ensures your security. Then you can Grant users access to Control Sync for SharePoint by sharing the Site and accepting the defaults.

SharePoint help: Best practice (step by step) for setting up the minimum permissions for users (Office 365). To grant a user access to Control Sync for SharePoint – Just share the Site and accept the defaults.
  • Create a Site Collection named ‘FusionPush
    (Go to: Admin / Admin centers / SharePoint)
  • Create a Permission Level that only allows ‘Add Item’. Call it: Add Item’ ; ‘Can add Items’
    (Go to: Site Settings / Site permissions / Ribbon – Permission Levels)
  • Create a SharePoint Group named ‘Fusion Push Users
    Check mark the following Permission levels: View Only , Add Item
    In the group Settings menu select Make Default Group
    (Go to: Site Settings / People and groups / Groups / New – Group)
  • For the The Lists Subscription and Version Control
    Stop Inheriting Permissions
    Remove all groups but Fusion Push Users
    On the group Fusion Push Users: Ribbon – Edit User Permissions, Uncheck Add Item
    (Go to: List Settings / Permissions for this list )
  • For the The List Event Log
    Stop Inheriting Permissions
    Remove all groups but Fusion Push Users
    (Go to: List Settings / Permissions for this list )
Optional extra enhancement for the List Event Log: Each user only needs to access Items created by that user.
(Go to: List Settings / Advanced Setting / Select Read Items that were created by the user

Need more help with this?
Don’t hesitate to contact us here.

Thanks for your feedback.