Sharepoint - create custom permission level in SharePoint Site programatically in JSOM or CSOM

CSOM For O365

This creates a permission level inherited from the Full Control level, and can be changed to your desirable permission level.

namespace Console.Office365
 {
     using Microsoft.SharePoint.Client;
     using Microsoft.SharePoint.Client.Taxonomy;
     using Newtonsoft.Json.Linq;
     using OfficeDevPnP.Core.Entities;
     using System;
     using System.Collections.Generic;
     using System.IO;
     using System.Linq;
     using System.Reflection;
     using System.Threading.Tasks;

     class Program
     {
         static void Main(string[] args)
         {
             CreateCustomPermissionLevel();

         }

         public static void CreateCustomPermissionLevel()
         {
             OfficeDevPnP.Core.AuthenticationManager authMgr = new OfficeDevPnP.Core.AuthenticationManager();

             string siteUrl = "https://*****.sharepoint.com/sites/communitysite";
             string userName = "Sathish@*******.onmicrosoft.com";
             string password = "****************";


             using (var clientContext = authMgr.GetSharePointOnlineAuthenticatedContextTenant(siteUrl, userName, password))
             {
                 Web web = clientContext.Web;
                 clientContext.Load(web);
                 clientContext.Load(web.AllProperties);
                 clientContext.Load(web.RoleDefinitions);
                 clientContext.ExecuteQueryRetry();
                 var roleDefinitions = web.RoleDefinitions;

                 // Get Full Control Role Definition
                 var fullControlRoleDefinition = roleDefinitions.GetByName("Full Control");
                 clientContext.Load(fullControlRoleDefinition);
                 clientContext.ExecuteQuery();

                 // Create New Custom Permission Level
                 RoleDefinitionCreationInformation roleDefinitionCreationInformation = new RoleDefinitionCreationInformation();
                 roleDefinitionCreationInformation.BasePermissions = fullControlRoleDefinition.BasePermissions;
                 roleDefinitionCreationInformation.Name = "MyPermissionLevelCreatedByCode";
                 roleDefinitionCreationInformation.Description = "Custom Permission Level, Inherited from the Full Control";

                 roleDefinitions.Add(roleDefinitionCreationInformation);

                 clientContext.Load(roleDefinitions);
                 clientContext.ExecuteQuery();

             }
         }


     }
 }

Source: How to Create Custom Permission Level in SharePoint Office 365 Programmatically using C# Client Side Object Model (CSOM)

JSOM

JS starts with required script references (jQuery, sp.js etc.). In document ready, button click event is associated to the button. Function btnCreateCustomPermission_Click get the client context and calls function createPermissionSet; which creates all required permissions in a set. And finally function createCustomPermission gets context and permission details and creates permission level. 

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script><script src="/_layouts/15/sp.js" type="text/javascript"></script><script src="/_layouts/15/SP.RequestExecutor.js" type="text/javascript"></script>   
<script src="/_layouts/15/SP.search.js" type="text/javascript"></script>  
<script type="text/javascript">  
$(function () {  

$('#btnCreateCustomPermission').click(btnCreateCustomPermission_Click);  

});  

function btnCreateCustomPermission_Click() {          
           var appweburl = _spPageContextInfo.siteAbsoluteUrl;  
           var clientContext = new SP.ClientContext(appweburl);  

            var dsReadPermissions = createPermissionSet();  
            createCustomPermission(clientContext, "DSRead", "DSRead", dsReadPermissions,  
            function DSReadSuccess() {  
                alert("Successfully created DSRead");  
            },  
            function DSReadFail(control, info) {  
                alert("Failed to create DSRead. " + info.get_message());  
            });  
        }  

        function createCustomPermission(context, name, desc, permissions, success, fail) {  
            // Create a new role definition.  
            var roleDefinitionCreationInfo = new SP.RoleDefinitionCreationInformation();  
            roleDefinitionCreationInfo.set_name(name);  
            roleDefinitionCreationInfo.set_description(desc);  
            roleDefinitionCreationInfo.set_basePermissions(permissions);  
            var roleDefinition = context.get_site().get_rootWeb().get_roleDefinitions().add(roleDefinitionCreationInfo);  
            context.executeQueryAsync(success, fail);  
        }  

        function createPermissionSet() {  
            //Create permission set with required permissions  
            var permissions = new SP.BasePermissions();  
            permissions.set(SP.PermissionKind.viewListItems);  
            permissions.set(SP.PermissionKind.openItems);  
            permissions.set(SP.PermissionKind.viewVersions);  
            permissions.set(SP.PermissionKind.createAlerts);  
            permissions.set(SP.PermissionKind.viewFormPages);  
            permissions.set(SP.PermissionKind.createSSCSite);  
            permissions.set(SP.PermissionKind.viewPages);  
            permissions.set(SP.PermissionKind.browseUserInfo);  
            permissions.set(SP.PermissionKind.useRemoteAPIs);  
            permissions.set(SP.PermissionKind.useClientIntegration);  
            permissions.set(SP.PermissionKind.open);  
            permissions.set(SP.PermissionKind.managePersonalViews);  
            return permissions;  
        }          
</script>  
<div>  
   <h1>Create Custom Permissions</h1>  
   <br/>  
   <input id="btnCreateCustomPermission" type="button" value="Create Permission"/>  
</div>

Source: Create Custom Permissions Level Using JSOM - SharePoint

PowerShell

A sample script with a selected set of permissions.

$site=Get-SPSite "Site Name"  
$web=$site.RootWeb;  
$customPermissionLevel=New-Object Microsoft.SharePoint.SPRoleDefinition  
$customPermissionLevel.Name="Name of the permission level"  
$customPermissionLevel.Description="Descript of the permission level"  
$customPermissionLevel.BasePermissions="EmptyMask,  
ViewListItems,  
AddListItems,  
EditListItems,  
DeleteListItems,  
ApproveItems,  
OpenItems,  
ViewVersions,  
DeleteVersions,  
CancelCheckout;
$web.RoleDefinitions.Add($customPermissionLevel);  
$web.Dispose()  
$site.Dispose()

The built-in permission levels including the available permission types are the following:

Role Definition: Full Control

==================================================

FullMask

Role Definition: Design

==================================================

ViewListItems, AddListItems, EditListItems, DeleteListItems, ApproveItems, OpenItems, ViewVersions, DeleteVersions, CancelCheckout, ManagePersonalViews, ManageLists, ViewFormPages, Open, ViewPages, AddAndCustomizePages, ApplyThemeAndBorder, ApplyStyleSheets, CreateSSCSite, BrowseDirectories, BrowseUserInfo, AddDelPrivateWebParts, UpdatePersonalWebParts, UseClientIntegration, UseRemoteAPIs, CreateAlerts, EditMyUserInfo

Role Definition: Manage Hierarchy

==================================================

ViewListItems, AddListItems, EditListItems, DeleteListItems, OpenItems, ViewVersions, DeleteVersions, CancelCheckout, ManagePersonalViews, ManageLists, ViewFormPages, Open, ViewPages, AddAndCustomizePages, ViewUsageData, CreateSSCSite, ManageSubwebs, ManagePermissions, BrowseDirectories, BrowseUserInfo, AddDelPrivateWebParts, UpdatePersonalWebParts, ManageWeb, UseClientIntegration, UseRemoteAPIs, ManageAlerts, CreateAlerts, EditMyUserInfo, EnumeratePermissions

Role Definition: Approve

================================================== ViewListItems, AddListItems, EditListItems, DeleteListItems, ApproveItems, OpenItems, ViewVersions, DeleteVersions, CancelCheckout, ManagePersonalViews, ViewFormPages, Open, ViewPages, CreateSSCSite, BrowseDirectories, BrowseUserInfo, AddDelPrivateWebParts, UpdatePersonalWebParts, UseClientIntegration, UseRemoteAPIs, CreateAlerts, EditMyUserInfo

Role Definition: Contribute

==================================================

ViewListItems, AddListItems, EditListItems, DeleteListItems, OpenItems, ViewVersions, DeleteVersions, ManagePersonalViews, ViewFormPages, Open, ViewPages, CreateSSCSite, BrowseDirectories, BrowseUserInfo, AddDelPrivateWebParts, UpdatePersonalWebParts, UseClientIntegration, UseRemoteAPIs, CreateAlerts, EditMyUserInfo

Role Definition: Read

==================================================

ViewListItems, OpenItems, ViewVersions, ViewFormPages, Open, ViewPages, CreateSSCSite, BrowseUserInfo, UseClientIntegration, UseRemoteAPIs, CreateAlerts

Role Definition: Restricted Read

=================================================

ViewListItems, OpenItems, Open, ViewPages

Role Definition: Limited Access

==================================================

ViewFormPages, Open, BrowseUserInfo, UseClientIntegration, UseRemoteAPIs

Role Definition: View Only

==================================================

ViewListItems, ViewVersions, ViewFormPages, Open, ViewPages, CreateSSCSite, BrowseUserInfo, UseClientIntegration, UseRemoteAPIs, CreateAlerts

Source: What permissions are behind the permission levels (roles) in SharePoint


Yes, we can do it using JSOm as well. Please visit the below ref:

http://www.c-sharpcorner.com/UploadFile/a30324/search-custom-permissions-level-using-jsom-sharepoint/

Tags:

Csom

Sharepoint Online

Related

Sharepoint - size of content database does not decrease after deleting content Sharepoint - Master page not updating for just one user account - SharePoint Online Sharepoint - error: server side activities have been updated you need to restart sharepoint designer Sharepoint - Get the all sub sites from a site collection along with site hierarchy using CSOM Sharepoint - SharePoint Dev and Prod running on same Farm Sharepoint - Custom URL for sharepoint Online Sharepoint - Free Office 365 subscription Sharepoint - What are the discontinued functionalities between SharePoint 2013 and SharePoint 2016? Sharepoint - How do I create a upload button on SharePoint online Sharepoint - How to add logo in Modern Team Site Sharepoint - How to Make Fields Required in Edit Form Sharepoint - How to provide contribute without edit permissions?

Recent Posts