Add Only Permission Level in SharePoint 2010


Have you ever had a requirement from your farm users that they need a custom permission level which allows the users/groups to add or submit documents or InfoPath forms into a library but not view or edit them? If you try to create this permission level using SharePoint GUI (Site Permissions > Permission Levels > Add a Permission Level), you will notice that whenever you check the permission “Add Items”, the permission “View Items” will also be checked. There is no way you can check “Add Items” permission alone. But don’t worry, as always, PowerShell is at your help. You can create an add only permission level using the following PowerShell script.


$spweb=Get-SPWeb -Identity "<site url>";
$spRoleDefinition = New-Object Microsoft.SharePoint.SPRoleDefinition;
$spRoleDefinition.Name = "Submit only";
$spRoleDefinition.Description = "Can submit/add forms/files/items into library or list but cannot view/edit them.";
$spRoleDefinition.BasePermissions = "AddListItems, ViewPages, ViewFormPages, Open";
$spweb.RoleDefinitions.Add($spRoleDefinition);
$spweb.Dispose();

Paste the above script into a text editor and save it into the server with .ps1 extension. From the PowerShell console, execute the ps1 file. You will have the new permission level created in the site collection at <site url>.

Advertisements

10 thoughts on “Add Only Permission Level in SharePoint 2010

  1. I just modified the script to add the base permission “Open” into line 5. This should resolve the issue. You can either recreated the permission level using the modified script or add the base permission “Open” via site collection permission settings.

  2. Hi! Thanks its working now correctly. But maybe one more questions. As ou realized, i am trying to make a list for BussinessTrip log, and main purpuse is to allow “everyone” to create & View only their ITEMS, and for some group to view and edit all items. Do you know any trick for this ? Thanks

  3. You can restrict users to view only their own items via Lists Settings > Advanced Settings. For users who need to view and modify all items, create another group with Manage List Permission rights.

    • OK, thanks. 🙂 Almost done. No regular user can see his items, can Add items (because of Submit Only AR) but he cannot edit his item. I think another permission level is required like the Submit Only, lets say “Edit only” ?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s