Create Custom Permissions Level Using JSOM - SharePoint

We can use JSOM for creating custom permission sets in SharePoint 2013. I’ll explain the basics of this using a CEWP and jQuery. This script can be used in SharePoint Online, SharePoint App and Farm solutions with ease.

Prerequisites: User must have full control on site.

Solution:

  1. Create a web part page in your SharePoint 2013 or Office 365 SharePoint Site.

  2. Add Content Editor web part on the page.

    Content Editor

  3. Edit ‘HTML Source’ of content editor web part and copy the following html, then press OK.
    1. <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script><script src="/_layouts/15/sp.js" type="text/javascript"></script><script src="/_layouts/15/SP.RequestExecutor.js" type="text/javascript"></script>   
    2. <script src="/_layouts/15/SP.search.js" type="text/javascript"></script>  
    3. <script type="text/javascript">  
    4. $(function () {  
    5.   
    6. $('#btnCreateCustomPermission').click(btnCreateCustomPermission_Click);  
    7.   
    8. });  
    9.   
    10. function btnCreateCustomPermission_Click() {          
    11.            var appweburl = _spPageContextInfo.siteAbsoluteUrl;  
    12.            var clientContext = new SP.ClientContext(appweburl);  
    13.   
    14.             var dsReadPermissions = createPermissionSet();  
    15.             createCustomPermission(clientContext, "DSRead""DSRead", dsReadPermissions,  
    16.             function DSReadSuccess() {  
    17.                 alert("Successfully created DSRead");  
    18.             },  
    19.             function DSReadFail(control, info) {  
    20.                 alert("Failed to create DSRead. " + info.get_message());  
    21.             });  
    22.         }  
    23.   
    24.         function createCustomPermission(context, name, desc, permissions, success, fail) {  
    25.             // Create a new role definition.  
    26.             var roleDefinitionCreationInfo = new SP.RoleDefinitionCreationInformation();  
    27.             roleDefinitionCreationInfo.set_name(name);  
    28.             roleDefinitionCreationInfo.set_description(desc);  
    29.             roleDefinitionCreationInfo.set_basePermissions(permissions);  
    30.             var roleDefinition = context.get_site().get_rootWeb().get_roleDefinitions().add(roleDefinitionCreationInfo);  
    31.             context.executeQueryAsync(success, fail);  
    32.         }  
    33.   
    34.         function createPermissionSet() {  
    35.             //Create permission set with required permissions  
    36.             var permissions = new SP.BasePermissions();  
    37.             permissions.set(SP.PermissionKind.viewListItems);  
    38.             permissions.set(SP.PermissionKind.openItems);  
    39.             permissions.set(SP.PermissionKind.viewVersions);  
    40.             permissions.set(SP.PermissionKind.createAlerts);  
    41.             permissions.set(SP.PermissionKind.viewFormPages);  
    42.             permissions.set(SP.PermissionKind.createSSCSite);  
    43.             permissions.set(SP.PermissionKind.viewPages);  
    44.             permissions.set(SP.PermissionKind.browseUserInfo);  
    45.             permissions.set(SP.PermissionKind.useRemoteAPIs);  
    46.             permissions.set(SP.PermissionKind.useClientIntegration);  
    47.             permissions.set(SP.PermissionKind.open);  
    48.             permissions.set(SP.PermissionKind.managePersonalViews);  
    49.             return permissions;  
    50.         }          
    51. </script>  
    52. <div>  
    53.    <h1>Create Custom Permissions</h1>  
    54.    <br/>  
    55.    <input id="btnCreateCustomPermission" type="button" value="Create Permission"/>  
    56. </div>  
  4. Page will be displayed as in the following screenshot:

    Create Permission

  5. Click on button ‘Create Permission’ to create a custom permission ‘DSRead’. It would display success/fail message.

JS explained:

JS starts with required script references (jQuery, sp.js etc.). In document ready, button click event is associated to the button. Function btnCreateCustomPermission_Click get the client context and calls function createPermissionSet; which creates all required permissions in a set. And finally function createCustomPermission gets context and permission details and creates permission level.

To check newly created permission level: Site Actions,  Site Settings, then Site Permissions and click Permission Levels.