Finding permission for a list or site is not a tough task to talk about but the process of getting to it the number of clicks required might be little cumbersome for a lot of people. Especially when you want to look at a lot of lists and sites simultaneously. In SharePoint or SharePoint online the only way is to find the settings page either site or lists or library and locate the link called site permissions or list permissions
It would be very convenient and intuitive if let’s say there is a single page where I provide a URL of a site and get the permissions for this particular site, and then change the URL get another. What if we can display the permission of the lists in one page. You can pick the lists you want as you wish.
This article will describe the methods I used with the Jquery codes that will help you nail that problem.
Rest API’s Used
- weburl+”/_api/Web/lists”
- Displays all the lists present inside the Site
- weburl+”/_api/web/lists?$filter=HasUniqueRoleAssignments”
- Displays all the lists present inside the site which has unique permissions
- weburl+”/_api/Web/RoleAssignments?$expand=Member,RoleDefinitionBindings”
- This displays all the users and groups with the permission level they have in the provided web.
- weburl+”/_api/Web/lists/getbytitle(‘”+listtitle+”‘)/RoleAssignments?$expand=Member,RoleDefinitionBindings”
- This displays all the users and groups with the permission level they have in the provided web
- Fields we used- Title (Group or User Name), Name(Permission Name), Description( Permission description).
CSS Used
[code language=”css”]
<style&>
.main{
min-height:20px;
padding:5px;
margin-bottom:5px;
color:white;
background-color: #0072C6;
width:50%;
}
input#txtbox {
width: 350px;
height: 30px;
}
#currentindex&gt;div {
background-color: #0072C6;
padding: 5px;
color: white;
width: 50%;
}
</style>
[/code]
Scripts Used
[code language=”javascript”]
<script src=”https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js” type=”text/javascript”></script>
<script type=”text/javascript” src=”/_layouts/15/SP.RequestExecutor.js”></script>
<script type=”text/javascript”>$(document).ready(function () {
//display list function
$(“#btndisplaylist”).click(function(){
var currsite= $(‘#txtsite’).val();
if(checkvalues())
{ $(‘#currentindex’).hide();
$(‘#divlistperm’).show();
var endpointgetlist= currsite+”/_api/Web/lists”;
$(‘#ddllists’).empty();
getJson(endpointgetlist).done(function(data){
var lists= data.d.results;
lists.forEach(function(listitem){
$(‘#ddllists’).append($(‘
<option>’, {
value: listitem.Title, text : listitem.Title }));
});
})
.fail(
function(error){ console.log(JSON.stringify(error)); });
}
});
//display list function ends here
//display lists that has unique permission
$(“#btndisplayuniquelist”).click(function(){
var currsite= $(‘#txtsite’).val();
if(checkvalues())
{
$(‘#currentindex’).hide();
$(‘#divlistperm’).show();
var endpointgetlist= currsite+”/_api/Web/lists?$filter=HasUniqueRoleAssignments”;
$(‘#ddllists’).empty();
getJson(endpointgetlist).done(function(data){
var lists= data.d.results;
lists.forEach(function(listitem){
$(‘#ddllists’).append($(‘
<option>’, { value: listitem.Title,text : listitem.Title }));
});
})
.fail( function(error){ console.log(JSON.stringify(error)); });
}
});
//display lists that has unique permission ends here
//checksite permission
$(“#chksiteperm”).click(function(){
var currsite= $(‘#txtsite’).val();
var endpointUrl = currsite+”/_api/Web/RoleAssignments?$expand=Member,RoleDefinitionBindings”;
$(‘#divlistperm’).hide();
$(‘#currentindex’).show();
if(checkvalues()) {
getJson(endpointUrl).done(function(data) {
var items = data.d.results;
items.forEach(function(item){
var roles= item.RoleDefinitionBindings.results;
var currid= item.Member.Title.replace(/[ ,]+/g, “”);
currid= currid.replace(‘(‘,”);
currid=currid.replace(‘)’,”);
currid=currid.replace(/[^a-z0-9\s]/gi,”);
$(‘#currentindex’).append(”
<div id=”+currid+”><i style=’color:#e3f178;font-size: 16px;’>”+item.Member.Title+”</i>
<b>Permissions</b></div>
“);
roles.forEach(function(roledef){
if($(‘#’+currid).is(“:contains(‘”+roledef.Name+”‘)”))
{ }
else{
$(‘#’+currid).append(“”+roledef.Name +”:”+roledef.Description);
}
});
});
})
.fail( function(error){
console.log(JSON.stringify(error)); }); } });
//check site permission ends here
//check list permission
$(‘#chklistpermission’).click(function(){
var listtitle= $(‘#ddllists’).find(“:selected”).text();
var currsite= $(‘#txtsite’).val();
var endpointUrl = currsite+”/_api/Web/lists/getbytitle(‘”+listtitle+”‘)/RoleAssignments?$expand=Member,RoleDefinitionBindings”;
if(checkvalues())
{
$(‘#currentindex’).show();
$(‘#currentindex’).empty();
getJson(endpointUrl).done(function(data) {
var items = data.d.results;
items.forEach(function(item){
var roles= item.RoleDefinitionBindings.results;
var currid= item.Member.Title.replace(/[ ,]+/g, “”);
currid= currid.replace(‘(‘,”);
currid=currid.replace(‘)’,”);
currid=currid.replace(/[^a-z0-9\s]/gi,”)
$(‘#currentindex’).append(”
<div id=”+currid+”>
<div class=’principlename’><i style=’color:#e3f178;font-size: 16px;’>”+item.Member.Title+”</i>
“);
roles.forEach(function(roledef){
if($(‘#’+currid).is(“:contains(‘”+roledef.Name+”‘)”))
{}
else{
$(‘#’+currid).append(“”+roledef.Name +”:”+roledef.Description );
}
});
});
})
.fail( function(error){console.log(JSON.stringify(error)); }); }
});
//end check list permission
/*ends the document.ready here */
});
//json call function
function getJson(url) {
return $.ajax({
url: url,
type: “GET”,
contentType: “application/json;odata=verbose”,
headers: {“Accept”: “application/json;odata=verbose” } });
}
//end json call function
//function to check if site url is null
function checkvalues()
{
var currsite= $(‘#txtsite’).val();
var str=”;
if(currsite==”)
{
str +=’Site Url cannot be empty’
};
if(str==”)
{
return true;
}
else{
alert(str);
return false;
}
}
//end function
</script>
[/code]
Html Used
[code language=”Html”]
<div id=”chkpermission”>
<label for=”enterlistname” style=”font-weight:bold;font-size:16pxl”>Enter the site URL (Please enter the full URL like https://www.google.com)</label>
<input id=”txtsite” type=”text” size=”60px” height=”30px” style=”margin-top:5px;”>
<input id=”chksiteperm” type=”button” value=”Check Site Permission”>
<input id=”btndisplaylist” type=”button” value=”Display All Lists”> <input id=”btndisplayuniquelist” type=”button” value=”Display Lists With Unique Permission”>
<div id=”divlistperm” style=”display:none”><select id=”ddllists”>
</select> <input id=”chklistpermission” type=”button” value=”Check List Permission”></div>
</div>
<div id=’currentindex’></div>
[/code]
Put all the code in a single HTML file save it and upload to a document library.
Add a page edit it add Content Editor web part from the web part gallery to the page.
In the text link provide the link to the HTML file we just created.
If you have followed all the steps then your HTML file should look like following.
- The text-box requires a full URL of your site or sub-site. Enter the site URL and
as shown in above image Enter the Site URL and click on the button check permission. It will display all the groups or users who have permission on this particular web or site. In the above picture, Alearner is a user whereas all others are groups. If there are any users or groups added directly to the sub-sites or lists and libraries they are automatically provided limited access to the top level site.
2. Click on Display all Lists
3. Click on Display lists with Unique Permissions
4. Check list permission
As seen in the above images there is a button next to each list called Check List Permission. Which when clicked will list the users and groups which have permission to that particular lists.
This way from a single page using just j query and rest API we can create an HTML page that will list the permission for any site or site content.
Latest Update:
Hi, this weekend is good for me, for the reason that this occasion i am reading this great informative paragraph here at my house.
Thanks for this great article. I set up a “Permissions Viewer” page to use on all of our organization’s SharePoint sites.
One thing I’d like to do is add a PeoplePicker and display the site/list/library permissions for the selected user. I haven’t had any luck finding rest calls for this. If you are able to point me in the right direction I would really appreciate it.
Thank you,
Marv
Marv, I am not sure if user has a property that keeps a track of lists and libraries it has permission to. here is a rest api https://mysite/_api/SP.UserProfiles.PeopleManager/GetPropertiesFor(accountName=@v)?@v=%27domain\username%27 that i use to get user properties. Unless you write a custom code to create a custom property for user profile which will get the list name or site name everytime they are added to a list or site. The other way is you get the permission for each list or site and check if your user is present there or part of the group. I have an article that is called user and group management which let’s you drill down inside a group https://sshareasolutions.com/2018/09/18/user-and-groups-management-in-sharepoint-online-using-rest-and-jquery/ not sure if that can help. I will be putting a most recent version for Permission and User group manager very soon too. Thanks for the visit