Modify Permission Levels (using bitwise operators)

permission-level-teaser

The easiest way to create a new permission level in SharePoint is to copy and modify an existing permission level. For example, you can copy the ‘Contributor’ permission level and remove the ability to delete items by unchecking the corresponding option. SharePoint 2010 even provides a ready-to-use out-of-the-box button to copy existing permission levels.

However, modifying permission levels programmatically is a little bit less obvious as the SPBasePermission enumeration is implemented as a bit flag.

Using bitwise operators you can modify permission levels:

Copy a permission level:

SPRoleDefinition contributorRole = web.RoleDefinitions.GetByType(SPRoleType.Contributor);
SPRoleDefinition customRole = new SPRoleDefinition(contributorRole);

Add a permission:

customRole.BasePermissions |= SPBasePermissions.CreateGroups;

Add multiple permissions:

customRole.BasePermissions |= (SPBasePermissions.ApplyStyleSheets | SPBasePermissions.ApproveItems);

All all permissions:

customRole.BasePermissions |= SPBasePermissions.FullMask;

Remove a permission:

customRole.BasePermissions &= ~SPBasePermissions.DeleteListItems;

Remove multiple permissions:

customRole.BasePermissions &= ~(SPBasePermissions.DeleteVersions | SPBasePermissions.EditListItems);

Remove all permissions:

customRole.BasePermissions &= SPBasePermissions.EmptyMask;

Test for a permission:

Boolean permissionTest = (customRole.BasePermissions & SPBasePermissions.DeleteListItems) == SPBasePermissions.DeleteListItems;

Save a permission level:

customRole.Name = "Alain's Permission Level";
customRole.Description = "My Custom Permission Level";
web.RoleDefinitions.Add(customRole);
web.Update();

About the author

Alain

You can leave a response, or trackback from your own site.

One Response to “Modify Permission Levels (using bitwise operators)”

  1. suma says:

    hi, i want to change the Permissions for an already existing Permission level
    .
    For ex: For Read permission i want to add permission -Enumerate permissions where in users having read access can see the permissions for the site.

    and it has to be done for more than 1000 sites..
    Can anyone help me with this..

Leave a Reply to suma