SharePoint Create custom permission levels and groups with c#

You can use custom code to create your own permission level and custom groups in SharePoint. Usage is mostly a feature which user can activate or if you are using a site definition it would be used to provide custom groups and permission levels to a specific site template at creation time.

Let’s see what we have to do in code? This code could be implemented in a feature event receiver.

Create Permission Level

At first we create the permission level. There are two ways. You can use a default or a already existing permission level. In the second part you see how to generate your own permission level.

//Get default permission level
SPRoleDefinition roleDefAdmin = web.RoleDefinitions.GetByType(SPRoleType.Administrator);

//Create a new permission level
SPRoleDefinition roleDefContributeNoDelete = new SPRoleDefinition();
roleDefContributeNoDelete.Name = "Contributor Permissions without Delete";
roleDefContributeNoDelete.Description = "Mitwirken ohne Löschen";
roleDefContributeNoDelete.BasePermissions = SPBasePermissions.AddListItems | SPBasePermissions.EditListItems
| SPBasePermissions.ViewListItems | SPBasePermissions.OpenItems | SPBasePermissions.ViewVersions | SPBasePermissions.CreateAlerts
| SPBasePermissions.ViewFormPages | SPBasePermissions.ViewPages | SPBasePermissions.BrowseUserInfo
| SPBasePermissions.UseRemoteAPIs | SPBasePermissions.UseClientIntegration | SPBasePermissions.Open;


If you now deploy your permission level should be available.

Create Group and assign permission level

In these steps we create a group and assign the permission level to the group.

//create group
rootWeb.SiteGroups.Add("Meine Gruppe", site.Owner, site.Owner, "Beschreibung");
//get the created group from web
SPGroup groupAdmin = rootWeb.SiteGroups[groupname];
//Create a new assignment and afterwords, bind the group to it. Then set the roledefinition (permission level) to it and add it to the web.
SPRoleAssignment roleAssignAdmin = new SPRoleAssignment(groupAdmin);

Now if you look at site actions – site permissions your group should be displayed with the permission level we assigned.



The article or information provided here represents completely my own personal view & thought. It is recommended to test the content or scripts of the site in the lab, before making use in the production environment & use it completely at your own risk. The articles, scripts, suggestions or tricks published on the site are provided AS-IS with no warranties or guarantees and confers no rights.

Karsten Pohnke About Karsten Pohnke
He is Consultant for SharePoint Solutions for collaboration, communication and business processes. He provides his customers applications based on standard features as well as development or combining the power of several microsoft tools like Dynamics CRM. In his free time he tries to collect tipps and worthy experience in this blog.

3 comments on “SharePoint Create custom permission levels and groups with c#

  1. Xristos

    I suggest you should add how to find the unique permission :
    RoleDefinitionCollection roleDefs = null;
    roleDefs = context.Web.RoleDefinitions;
    RoleDefinition roledef = null;
    roledef = roleDefs.GetByName(“Contribute but not delete”);
    if (roledef != null)

    • Thank you for you comment, for what purpose should i add how to find the unique permissions?

Submit comment

Allowed HTML tags: <a href="">google</a> <strong>bold</strong> <em>emphasized</em> <code>code</code> <blockquote>

Please fill in the captcha: * Time limit is exhausted. Please reload CAPTCHA.