Security management is a prime concern in SharePoint as the right content has to be served to the right people with adequate permissions. SharePoint recommends assigning role-based permissions. All the permissions are managed through the roles. Roles are classified into two sections:
- Role Definition and
- Role Assignment
Role definition, also known as a permission level, is the list of the permissions associated with the role. Full control, contribute, read, design and limited access are some of the role definitions available. Role assignment is the relationship established between the users/groups and the role definition. Hence, when we assign a role programmatically, it is a two-step process: instantiation of the role definition and implementation of the role assignment to the user/group.
In this article, we will see how to create a role definition with the specific permissions, using JavaScript Object model.
Internal Implementation
- Add reference to jQuery file.
- <script language="javascript" type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js"></script>
- <script language="javascript" type="text/javascript">
- Within the document ready function, call SP.SOD.executeFunc, so as to load the on demand script SP.js . Call the main starting point function, say: createRoleDef.
- SP.SOD.executeFunc('sp.js', 'SP.ClientContext', createRoleDef);
- Instantiate client context and get the site instance.
- var clientContext = new SP.ClientContext();
- var oSiteColl = clientContext.get_site();
- Create the permissions object. Once the permissions object is created, assign the required permissions to it.
- var oWeb = clientContext.get_web();
- var oPermissions = new SP.BasePermissions();
-
- oPermissions.set(SP.PermissionKind.viewListItems);
- oPermissions.set(SP.PermissionKind.addListItems);
- oPermissions.set(SP.PermissionKind.editListItems);
- oPermissions.set(SP.PermissionKind.deleteListItems);
- Create the role definition object and add it to the site object.
- var oRoleDefinitionCreationInfo = new SP.RoleDefinitionCreationInformation();
- oRoleDefinitionCreationInfo.set_name('Custom Role Definition');
- oRoleDefinitionCreationInfo.set_description('Custom Role Definition to manage list items');
- oRoleDefinitionCreationInfo.set_basePermissions(oPermissions);
- var roleDefinition = oSiteColl.get_rootWeb().get_roleDefinitions().add(oRoleDefinitionCreationInfo);
- Load the client context and execute the batch, which will send the request to the Server and perform the entire JavaScript object model operation as a batch.
- clientContext.executeQueryAsync(QuerySuccess, QueryFailure);
Full Code
- <script language="javascript" type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js"></script>
- <script language="javascript" type="text/javascript">
- $(document).ready(function() {
- SP.SOD.executeFunc('sp.js', 'SP.ClientContext', createRoleDef);
- });
- var roleDefCollection;
-
- function createRoleDef() {
-
- var clientContext = new SP.ClientContext();
- var oSiteColl = clientContext.get_site();
-
- var oPermissions = new SP.BasePermissions();
-
- oPermissions.set(SP.PermissionKind.viewListItems);
- oPermissions.set(SP.PermissionKind.addListItems);
- oPermissions.set(SP.PermissionKind.editListItems);
- oPermissions.set(SP.PermissionKind.deleteListItems);
-
- var oRoleDefinitionCreationInfo = new SP.RoleDefinitionCreationInformation();
- oRoleDefinitionCreationInfo.set_name('Custom Role Definition');
- oRoleDefinitionCreationInfo.set_description('Custom Role Definition to manage list items');
- oRoleDefinitionCreationInfo.set_basePermissions(oPermissions);
- var roleDefinition = oSiteColl.get_rootWeb().get_roleDefinitions().add(oRoleDefinitionCreationInfo);
-
- clientContext.executeQueryAsync(QuerySuccess, QueryFailure);
- }
-
- function QuerySuccess() {
- console.log("New Role Definition has been created.");
- }
-
- function QueryFailure(sender, args) {
- console.log('Request failed' + args.get_message());
- }
- </script>
We can test this in SharePoint by adding the script to the Content Editor Web part, as shown below:
SharePoint Implementation
- Save the code, mentioned above, to a text file and save it into one of the SharePoint Libraries, say: Site Assets.
- Go to the edit settings of SharePoint page and click Web part from the Insert tab.
- Add Content Editor Web part.
- Click Edit Web art from Content Edit Web part. Assign the URL of the script text file and click Apply.
Click Apply. This will create the new role definition. We can check this from the site permissions page.
Output
Summary
Thus, we have seen, how to create a new role definition in SharePoint, using JavaScript object model. This has been tested in both SharePoint 2016 and Office 365.