How to Get All the Site Permission Levels in SharePoint 2013 Online Using REST API

In this article, you will see how to get all the site permission levels using the REST API in SharePoint 2013 Online.

Introduction

SharePoint 2013 introduces a Representational State Transfer (REST) service comparable to the existing SharePoint client object models. This allows the developers to interact remotely with SharePoint data using any technology that supports REST web requests. This means developers can do Create, Read, Update, and Delete (CRUD) operations from their apps for SharePoint, solutions, and client applications, using REST web technologies and standard Open Data Protocol (OData) syntax. In this article, you will see the following.

  • Create an app using the NAPA Tool in SharePoint 2013 Online.
  • Cross-Domain Requests.
  • Get all the permission levels from the host site using the REST API.

Endpoint URL

https://sitename/_api/web/ RoleDefinitions

Note. If you are making cross-domain requests, then you need to add SP.AppContextSite (@target) and ?@target='<host web url>' to the endpoint URI.

HTTP Request

  • GET: Read a Resource.

Use the following procedure to create an app using NAPA Tool.

  1. Navigate to the SharePoint 2013 Online site.
  2. Click on Site Contents in the quick launch bar.
  3. Click on “Napa” Office 365 Development Tools.
    Office 365 Development Tools
  4. Click on Add New Project.
    Add New Project
  5. Select App for SharePoint, enter the Project name, and then click on Create.
    App for SharePoint

Permissions

Ensure appropriate permission is provided to access the content. Click on the Properties button, and then click on Permissions. Set the required permission to access the content.

Permissions

Default.aspx

Replace the contents of Default.aspx with the following.

<%-- The markup and script in the following Content element will be placed in the <head> of the page --%>
<asp:content contentplaceholderid="PlaceHolderAdditionalPageHead" runat="server">
    <script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js"></script>
    <script type="text/javascript" src="/_layouts/15/sp.runtime.js"></script>
    <script type="text/javascript" src="/_layouts/15/sp.js"></script>
    <!-- Add your CSS styles to the following file -->
    <link rel="Stylesheet" type="text/css" href="../Content/App.css" />
    <!-- Add your JavaScript to the following file -->
    <script type="text/javascript" src="../Scripts/App.js"></script>
</asp:content>
<%-- The markup in the following Content element will be placed in the TitleArea of the page --%>
<asp:content contentplaceholderid="PlaceHolderPageTitleInTitleArea" runat="server">Page Title</asp:content>
<%-- The markup and script in the following Content element will be placed in the <body> of the page --%>
<asp:content contentplaceholderid="PlaceHolderMain" runat="server">
    <div>
        <p>
            <b>Permission Levels</b>
            <br />
            <select style="height:300px; width:310px" multiple="multiple" id="selectPermissionLevels"></select>
        </p>
    </div>
</asp:content>

App.js

Replace the contents of App.js with the following.

'use strict';
var hostweburl;
var appweburl;
// Load the required SharePoint libraries.
$(document).ready(function() {
    // Get the URI decoded URLs.
    hostweburl = decodeURIComponent(
        getQueryStringParameter("SPHostUrl"));
    appweburl = decodeURIComponent(
        getQueryStringParameter("SPAppWebUrl"));
    // Resources are in URLs in the form:
    // web_url/_layouts/15/resource
    var scriptbase = hostweburl + "/_layouts/15/";
    // Load the js file and continue to load the page with information about the site permission levels.
    // SP.RequestExecutor.js to make cross-domain requests
    $.getScript(scriptbase + "SP.RequestExecutor.js", loadPage);
});
// Utilities
// Retrieve a query string value.
// For production purposes you may want to use a library to handle the query string.
function getQueryStringParameter(paramToRetrieve) {
    var params = document.URL.split("?")[1].split("&");
    for (var i = 0; i < params.length; i = i + 1) {
        var singleParam = params[i].split("=");
        if (singleParam[0] == paramToRetrieve) return singleParam[1];
    }
}
function loadPage() {
    getPermissionLevels();
}
// Retrieve all of the site permission levels
function getPermissionLevels() {
    var executor;
    // Initialize the RequestExecutor with the app web URL.
    executor = new SP.RequestExecutor(appweburl);
    executor.executeAsync({
        url: appweburl + "/_api/SP.AppContextSite(@target)/web/RoleDefinitions?@target='" + hostweburl + "'",
        method: "GET",
        headers: {
            "Accept": "application/json; odata=verbose"
        },
        success: getSitePermissionLevelsSuccessHandler,
        error: getsitePermissionLevelsErrorHandler
    });
}
// Populate the selectPermissionLevels control after retrieving all of the site permission levels.
function getSitePermissionLevelsSuccessHandler(data) {
    var jsonObject = JSON.parse(data.body);
    var selectPermissionLevels = document.getElementById("selectPermissionLevels");
    if (selectPermissionLevels.hasChildNodes()) {
        while (selectPermissionLevels.childNodes.length >= 1) {
            selectPermissionLevels.removeChild(selectPermissionLevels.firstChild);
        }
    }
    var results = jsonObject.d.results;
    for (var i = 0; i < results.length; i++) {
        var selectOption = document.createElement("option");
        selectOption.value = results[i].Name;
        selectOption.innerText = results[i].Name;
        selectPermissionLevels.appendChild(selectOption);
    }
}
function getsitePermissionLevelsErrorHandler(data, errorCode, errorMessage) {
    alert("Could not get site permission levels: " + errorMessage);
}

Deploy the app

  1. Click on Run Project.
    App
  2. The app will be packaged, deployed, and launched.
    Run
  3. Click on “Click here to launch your app in a new window”.
    New window
  4. Click on Trust it.
    Trust
  5. All permission levels from the host site are displayed.
    C team site

Summary

Thus in this article, you saw how to get all the site permission levels using the REST API in SharePoint 2013 Online.