PowerShell to Update Permissions for Custom Permission Level in SharePoint
Requirement: Update permission level in SharePoint using PowerShell
How to Edit a Permission level in SharePoint?
To edit an existing permission level in SharePoint, follow these steps:
- Permission levels are scoped at site collection. So, Navigate to SharePoint Site collection where you want the permission level to be edited.
- Click on Settings gear >> Select Site Settings from the Settings menu.
- On the Site Settings page, Click on "Site Permissions" link under Users and Permissions section.
- On the Permissions page, Click on "Permission Levels" button from the Permissions tab of the ribbon.
- In Permission Levels page, Click on the permission level you want to edit.
- Uncheck the tick boxes next to the permission to remove it from the
permission level. E.g. I've removed "Delete Items" from the permission
level. Similarly, you can add any permission to include it.
- Scroll down and click on "Submit" button to save your changes.
PowerShell to Update a Permission Level in SharePoint
To change permissions of a permission level using PowerShell, use:
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
#Parameters
$SiteURL = "http://sharepoint.crescent.com/sites/operations"
$PermissionLevelName = "Contribute without Delete"
#Get the Site collection's Root web
$web = Get-SPWeb $SiteURL
#Get the Permission Level
$RoleDefinition = $Web.RoleDefinitions[$PermissionLevelName]
If($RoleDefinition)
{
#Set the Base Permissions
$Permissions="ViewListItems, AddListItems, EditListItems, OpenItems, ViewVersions, ManagePersonalViews, ViewFormPages, Open, ViewPages, CreateSSCSite, BrowseDirectories, BrowseUserInfo, AddDelPrivateWebParts, UpdatePersonalWebParts, UseClientIntegration, UseRemoteAPIs, CreateAlerts, EditMyUserInfo"
#Update the Permissions for Permission Level
$RoleDefinition.BasePermissions = $Permissions
$RoleDefinition.Update()
Write-host "Permisssion Level Updated Successfully!" -f Green
}
Else
{
Write-host "Couldn't find Permissions Level $PermissionLevelName!" -f Yellow
}
To get all available base permissions, refer: https://docs.microsoft.com/en-us/dotnet/api/microsoft.sharepoint.spbasepermissions?view=sharepoint-server
Warning: Do not change the Out of the box permission levels such as "Full control" or "Contribute"! Always copy the existing permission level and add/remove permissions to it!
No comments:
Please Login and comment to get your questions answered!