SharePoint provides an interface called ISecurableObject. This interface is implemented by the SharePoint SPList, SPListItem, and SPWeb classes.

Four methods are provided:

• BreakRoleInheritance()  - detaches the item's RoleAssignments from that of its parent, allowing you to give a resource its own Access Control List permissions; and
• CheckPermissions() - checks if a user can execute a particular action against the object, throwing an exception if not allowed; and
• DoesUserHavePermissions() - checks if a user can execute a particular action against the object, returning true or false; and
• ResetRoleInheritance() - 'reattaches' the item's permissions to that of its parents, effectively resetting and throwing away any custom permissions applied to the object.

In addition to these methods, a number of public properties are provided. The most useful are these:

• RoleAssignments - provides a RoleAssignmentCollection detailing which Principals have been assigned which Roles on the resource.
• FirstUniqueAncestor - determines which of the resource's parent objects is the first to have role inheritance broken.