When we want to grant access to folders or documents or simply for an item to a specific user, we go ahead and break the Inheritance and provide access to the specified user. If we want to achieve this by OOTB functionality then we can do it by Select an Item -> Document Permission (under Documents tab).
In permission window, Break the Inheritance and grant access to the specific user as per your requirement.
Same can be done in SharePoint 2013 environment, by selecting an Item and click on Shared With (under Files tab) and click on Advance in the permission popup.
Use the below script to give access to Multiple Folders or Library Documents to specific users and stop Inherit Permission
var folderID = {};
// Use SPServices or REST API to get all the item ID's
$().SPServices({
operation: "GetListItems",
async: false,
listName: "Shared Document",
CAMLQuery: "<< Query based on your req. >>",
completefunc: function (xData, Status) {
$(xData.responseXML).SPFilterNode("z:row").each(function () {
var folderVal = $(this).attr("ows_ID"); || '';
if (folderVal != '') {
var folder_ID = {};
folder_ID["folderID"] = folderVal;
folderID[folderVal] = folder_ID;
}
}
});
folderID, is a JSON object and it holds all the item ID’s which needs to break Inherit Permission and give access to specified users.
ItemPermission(folderID, User1);
ItemPermission(folderID, User2);
function ItemPermission(folderID, userID) {
SP.SOD.executeFunc("sp.js", 'SP.ClientContext', breakInheritanceChangeUser(folderID, userID));
}
function breakInheritanceChangeUser(folderID, userID, clearSubscops) {
var context = SP.ClientContext.get_current();
var oList = context.get_web().get_lists().getByTitle('Shared Document');
$.each(folderID, function (key, value) {
var folderID_int = parseInt(value.folderID);
var oListItem = oList.getItemById(folderID_int);
if (clearSubscops)
oListItem.breakRoleInheritance(false, clearSubscops);
else
oListItem.breakRoleInheritance(false);
var oUser = context.get_web().ensureUser(userID);
var collRoleDefinitionBinding = SP.RoleDefinitionBindingCollection.newObject(context);
collRoleDefinitionBinding.add(context.get_web().get_roleDefinitions().getByType(SP.RoleType.administrator));
oListItem.get_roleAssignments().add(oUser, collRoleDefinitionBinding);
context.load(oUser);
context.load(oListItem);
context.executeQueryAsync(onQuerySucceeded, onQueryFailed);
});
}
function onQuerySucceeded(sender, args) {
console.log('Role inheritance broken and given access to specific users');
}
function onQueryFailed(sender, args) {
console.log('Request failed.');
}
The below script can be used to remove the user from Item Permission list. We can use the same method to get the folder or item ID’s and store that in a JSON object
ItemPermissionBreak(folderID, user1);
ItemPermissionBreak(folderID, user2);
function ItemPermissionBreak(folderID, userID){
SP.SOD.executeFunc("sp.js", 'SP.ClientContext', breakUserPermission(folderID, userID));
}
function breakUserPermission(folderID, userID) {
var context = SP.ClientContext.get_current();
var oList = context.get_web().get_lists().getByTitle('Shared Document');
$.each(folderID, function (key, value) {
var folderID_int = parseInt(value.folderID);
var oListItem = oList.getItemById(folderID_int);
var oUser = context.get_web().ensureUser(userID);
oListItem.get_roleAssignments().getByPrincipal(oUser).deleteObject();
context.load(oUser);
context.load(oListItem);
context.executeQueryAsync(onQuerySucceeded, onQueryFailed);
});
}
function onQuerySucceeded(sender, args) {
console.log('User Permission has been removed');
}
function onQueryFailed(sender, args) {
console.log('Request failed.');
}
To know more about, BreakRoleInheritance please click here to refer in msdn site.
Happy Coding
Ahamed
Leave a comment