Add only permission role definition script

When you want only item create user read/update his/her own item

you can use Item-level permissions(List Settings -> Advanced Settings)

But how can you give user limited contribute permission?

let’s create add only user permission (role definition) using powershell script and then just give this permission to the specific group.

Add-PSSnapin “Microsoft.SharePoint.PowerShell” -ErrorAction SilentlyContinue
$url=”http://sharepontqna.com”
$web=get-spweb $url
#check permission level doesn’t exist
if($web.RoleDefinitions[“AddOnly”] -eq $null){

$spRoleDefinition = New-Object Microsoft.SharePoint.SPRoleDefinition
$spRoleDefinition.Name = “AddOnly”
$spRoleDefinition.Description = “Can only add”
# .Type is a ReadOnly property, hence it’ll remain on “None”.
# Use the command [System.Enum]::GetNames    (“Microsoft.SharePoint.SPBasePermissions”) to get a list of possible BasePermission values
# For this Permission Level, we’ll add only add permissions:
$spRoleDefinition.BasePermissions = “AddListItems”
#ViewListItems, AddListItems, EditListItems, OpenItems, ViewVersions, Open, ViewPages, EditMyUserInfo, ManagePersonalViews”
$web.RoleDefinitions.Add($spRoleDefinition)

}else{
$PermissionLevel = “AddOnly”
$BasePermission = “AddListItems”
$spRoleDefinition = $web.RoleDefinitions[$PermissionLevel]
$spRoleDefinition.BasePermissions = $BasePermission
$spRoleDefinition.Update()
}

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: