Requirement

Display security permissions for site collection, subsites, and lists/libraries in each site.

Solution

This can be achieved by a simple powershell script. To use it, you must modify the $site variable to point to your site collection.

Syntax: <script name>.ps1 | out-file c:\permissions.txt

#Add SharePoint PowerShell SnapIn if not already added
if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null) {
Add-PSSnapin "Microsoft.SharePoint.PowerShell"
}

#Define variables
$site = Get-SPSite "http://<site collection>"

#Get all subsites for site collection
$web = $site.AllWebs

#Loop through each subsite and write permissions

foreach ($web in $web)
{
if (($web.permissions -ne $null) -and ($web.hasuniqueroleassignments -eq "True"))
{
Write-Output "****************************************"
Write-Output "Displaying site permissions for: $web"
$web.permissions | fl member, basepermissions
}
elseif ($web.hasuniqueroleassignments -ne "True")
{
Write-Output "****************************************"
Write-Output "Displaying site permissions for: $web"
"$web inherits permissions from $site"
}

#Loop through each list in each subsite and get permissions

foreach ($list in $web.lists)
{
$unique = $list.hasuniqueroleassignments
if (($list.permissions -ne $null) -and ($unique -eq "True"))
{
Write-Output "****************************************"
Write-Output "Displaying Lists permissions for: $web \ $list"
$list.permissions | fl member, basepermissions
}
elseif ($unique -ne "True") {
Write-Output "$web \ $list inherits permissions from $web"
}
}
}
Write-Host "Finished."
$site.dispose()
$web.dispose()
$unique.dispose()


The output you get will look something like this:


****************************************
Displaying site permissions for: Intranet

Member : domain\administrator
BasePermissions : ViewFormPages, Open, BrowseUserInfo, UseClientIntegration, Us
eRemoteAPIs
Intranet \ Brands inherits permissions from Intranet
Intranet \ Content and Structure Reports inherits permissions from Intranet
****************************************
Displaying Lists permissions for: Intranet \ News

Member : domain\domain users
BasePermissions : ViewListItems, OpenItems, ViewVersions, ViewFormPages, Open,
ViewPages, CreateSSCSite, BrowseUserInfo, UseClientIntegratio
n, UseRemoteAPIs, CreateAlerts
Intranet \ Pages inherits permissions from Intranet
Intranet \ PDFs inherits permissions from Intranet
****************************************
Displaying site permissions for: About Company
About Company inherits permissions from SPSite Url=http://my.company/intranet
About Company \ Documents inherits permissions from About Company
Displaying Lists permissions for: About Company\ Images

Member : domain\administrator
BasePermissions : ViewFormPages, Open, BrowseUserInfo, UseClientIntegration, Us
eRemoteAPIs


As you can see, the script only displays the permissions of subsites and lists that are unique.