Understanding permission in SharePoint is typically the first thing users are confronted with when first attempting to add users or web parts to a site. Below we break down the permission structure to simplify it somewhat for you between “who,” “what” and “where;” by dividing the concepts between these areas, you can begin to piece together the components needed for a robust permission structure.
Who: You control access to people (individual Users) or to SharePoint Groups, active directory groups, etc. Groups can be comprised of like actions such as Contributors.
What: SharePoint Permission Levels help you to define what permission levels (actions like edit or delete) will be available in your site collection.
Where: You determine where in your site users or groups may go. Will you let them into an entire site collection or simply one sub-site, to a document library or a list or perhaps they can only access a file. With permissions, you control where users go within SharePoint.