Have you ever had a requirement from your farm users that they need a custom permission level which allows the users/groups to add or submit documents or InfoPath forms into a library but not view or edit them? If you try to create this permission level using SharePoint GUI (Site Permissions > Permission Levels > Add a Permission Level), you will notice that whenever you check the permission “Add Items”, the permission “View Items” will also be checked. There is no way you can check “Add Items” permission alone. But don’t worry, as always, PowerShell is at your help. You can create an add only permission level using the following PowerShell script.
$spweb=Get-SPWeb -Identity "<site url>"; $spRoleDefinition = New-Object Microsoft.SharePoint.SPRoleDefinition; $spRoleDefinition.Name = "Submit only"; $spRoleDefinition.Description = "Can submit/add forms/files/items into library or list but cannot view/edit them."; $spRoleDefinition.BasePermissions = "AddListItems, ViewPages, ViewFormPages, Open"; $spweb.RoleDefinitions.Add($spRoleDefinition); $spweb.Dispose();
Paste the above script into a text editor and save it into the server with .ps1 extension. From the PowerShell console, execute the ps1 file. You will have the new permission level created in the site collection at <site url>.