You can use custom code to create your own permission level and custom groups in SharePoint. Usage is mostly a feature which user can activate or if you are using a site definition it would be used to provide custom groups and permission levels to a specific site template at creation time.
Let’s see what we have to do in code? This code could be implemented in a feature event receiver.
Create Permission Level
At first we create the permission level. There are two ways. You can use a default or a already existing permission level. In the second part you see how to generate your own permission level.
[sourcecode language=”csharp”]
//Get default permission level
SPRoleDefinition roleDefAdmin = web.RoleDefinitions.GetByType(SPRoleType.Administrator);
//Create a new permission level
SPRoleDefinition roleDefContributeNoDelete = new SPRoleDefinition();
roleDefContributeNoDelete.Name = “Contributor Permissions without Delete”;
roleDefContributeNoDelete.Description = “Mitwirken ohne Löschen”;
roleDefContributeNoDelete.BasePermissions = SPBasePermissions.AddListItems | SPBasePermissions.EditListItems
| SPBasePermissions.ViewListItems | SPBasePermissions.OpenItems | SPBasePermissions.ViewVersions | SPBasePermissions.CreateAlerts
| SPBasePermissions.ViewFormPages | SPBasePermissions.ViewPages | SPBasePermissions.BrowseUserInfo
| SPBasePermissions.UseRemoteAPIs | SPBasePermissions.UseClientIntegration | SPBasePermissions.Open;
rootWeb.RoleDefinitions.Add(roleDefContributeNoDelete);
[/sourcecode]
If you now deploy your permission level should be available.
Create Group and assign permission level
In these steps we create a group and assign the permission level to the group.
[sourcecode language=”csharp”]
//create group
rootWeb.SiteGroups.Add(“Meine Gruppe”, site.Owner, site.Owner, “Beschreibung”);
//get the created group from web
SPGroup groupAdmin = rootWeb.SiteGroups[groupname];
//Create a new assignment and afterwords, bind the group to it. Then set the roledefinition (permission level) to it and add it to the web.
SPRoleAssignment roleAssignAdmin = new SPRoleAssignment(groupAdmin);
roleAssignAdmin.RoleDefinitionBindings.Add(roleDefAdmin);
rootWeb.RoleAssignments.Add(roleAssignAdmin);
rootWeb.Update();
[/sourcecode]
Now if you look at site actions – site permissions your group should be displayed with the permission level we assigned.
..:: I LIKE SHAREPOINT ::..
Great post, solves some practical deployment problems.
I suggest you should add how to find the unique permission :
RoleDefinitionCollection roleDefs = null;
roleDefs = context.Web.RoleDefinitions;
RoleDefinition roledef = null;
context.Load(roleDefs);
context.ExecuteQuery();
roledef = roleDefs.GetByName(“Contribute but not delete”);
if (roledef != null)
;
Thank you for you comment, for what purpose should i add how to find the unique permissions?