pnp
Add Modern Page with Permission might break SiteAssets permission
First of all - the Issue is not code/pnp specific and can be validated in UI as well. However, we had Templates provisioned which did result in wrong permission settings on the Site Asset Library -that's why i report it here.
Use Case: -Only site owners should be allowed to create modern pages, Members and Visitors should have read only -The Site owners should not be allowed to change the welcome page to preserve a common layout
Solution: -Break Role Inheritance on SitePages-Library and change permission for Owners to contribute and Members/Visitors to read -Break Role Inheritance on WelcomePage and set Owners,Members,Visitors to read (only sitecollection admin can edit)
Issue: The change of Permission at the WelcomePage seems to trigger a EventHandler which set's on SitesAssets-Library the same permission as on the SitePages-Library. In my example -contribute for owners and read for all others.
As the One-Note-Folder is in the SiteAssets-Library, the Members would loose write permission in our example. The user might or might not recognize that his changes in the One-Note-Client-App are not synced, which means we end up in a painful mess.
@jansenbe it's with ms support #31795834
