The storage structure and permission model of the Class Notebook
Background regarding the OneNote storage format:
If OneNote Notebook is a folder, then the Section Groups are subfolders under the notebook folder. The Sections are files (with .one extension). Pages don’t have a physical representation in SharePoint, instead, pages are contents of the Section files.
What is the Class Notebook ?
The Class Notebook is a template allowing a teacher R/W access to the whole notebook while students have R/W access (to their own section group) and access to the shared section groups with the teacher. The section groups on the second level of the tree below, can have section groups themselves (added later by the teacher).
Class Notebook Permission Model
Every Folder and file in SharePoint Online has permissions associated with it.
Inherited from its parents
This is called permissions inheritance. It means that the permissions of the parent are passed on to the children.
Defined at the folder/file itself
A file or a folder can break this chain of inheritance from parent to child. It is then starts to have its own permissions. SharePoint Online allows to add, edit and remove permissions. And none of these changes affect the original parents.
The Class Notebook Root Folder and the Class Notebook Section Groups (_Content Library, _Collaboration Space, _Teacher Only, Students private Section Groups) all have permissions defined for themselves. This implies that their permissions are broken from the chain of inheritance and they have their own permissions.
The Class Notebook Sections has inherited permissions from the Section Groups.
After we have seen how the Class Notebook looks, the following permissions are granted to users:
The Notebook Folder gives permissions to teachers to read\write and to students to read-only
The “_Content Library” gives permissions to teachers to read\write and to students to read-only The “_Collaboration Space” folder gives permissions to the teacher to read and write. Students has also read and write permissions.
Each private student section group gives teachers and only the student of the section group read\write access.
Corresponding Permissions In SharePoint Online based on the Role.
Incarnations of the class notebook
Current incarnations of the Class Notebook include:
Class Notebook (for teachers)
Staff Notebook (for school administrators)
Staff Notebook has a similar structure with different labels. Teachers are leaders and students are members. The Staff Notebook folders are managed as follows;
Class Notebooks are stored in SharePoint Online Sites:
The Class Notebooks are stored in SharePoint Sites in the list with title “EduOneNoteAppDocuments.” Each teacher has a subfolder with a title “<email>_Courses” where their notebook is stored.
Metadata of a Class or Staff Notebook is stored in hidden lists permissioned only for the teacher or leader.
teacher owner email>_ EduOneNoteList (SP hidden List)
Deletion of Legacy Class Notebook Application Data
The legacy version of the OneNote Class Notebook Creator is a SharePoint Store App. Microsoft has released a recent version of this app that is now part of Office 365, available in the App Launcher (under the icon of Class Notebook). The legacy Notebook Creator App maintains application metadata internal to the app (to manage Notebooks). This application metadata is stored within a hidden SharePoint list, not visible to the user.
When deleting the Class Notebook through SharePoint (List>Delete Item), the identifiable information (emails), in the metadata hidden list, are not deleted. The hidden list is still accessible either as the full URL of it or using the SharePoint Client API; it is permissioned only for the teacher.
Listed below are the steps to delete the metadata of a notebook—these steps access the hidden metadata list by browsing to it. These steps can only be performed by the teacher or leader (of the notebook owner) due to permissions. If the tenant administrator wants to perform these steps, then they need to add themselves as a site collection administrator first--refer to Manage Administrators for a Site Collection for additional help.
Additionally, if the site was on OneDrive, you may have to use powershell cmdlets to Grant-TenantAdminPermissionsToOdbSites.
Delete metadata of a notebook
Using IE to browse and login to the site where the Notebook Creator App is hosted.
Take the site URL and append to it:
Paste the URL from 2 into the browser URL field, then examine the results
Examine the title field, search for the notebook owner email.
Capture the ServerRelativeUrl value where the title matches the email you desire
Append the server relative URL to the Site URL and browse to the list. The format is: https://siteUrl/ServerRelativeUrl
Select Delete to remove the notebook.