Requirement: Create a new permission level in SharePoint online site collection for contribute without delete permissions.
SharePoint Online PowerShell to Create Permission Level
Image may be NSFW.
Clik here to view.
SharePoint Online PowerShell to Create Permission Level
#Load SharePoint CSOM AssembliesInstead of copying an existing permission level and manipulating it, You can also create new permission level from the scratch.
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
##Variables for Processing
$SiteUrl = "https://crescent.sharepoint.com/"
$SourcePermissionLevelName ="Contribute"
$TargetPermissionLevelName ="Contribute Without Delete"
Try {
#Get Credentials to connect
$Cred = Get-Credential
$Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)
#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteUrl)
$Ctx.Credentials = $Credentials
$Web = $Ctx.Web
#Get the source permission level
$RoleDefinitions = $web.RoleDefinitions
$Ctx.Load($RoleDefinitions)
$SourceRoleDefinition = $RoleDefinitions.GetByName($SourcePermissionLevelName)
$Ctx.Load($SourceRoleDefinition)
$Ctx.ExecuteQuery()
#get base permissions from the source and remove "Delete"
$TargetBasePermissions = $SourceRoleDefinition.BasePermissions
$TargetBasePermissions.clear([Microsoft.SharePoint.Client.PermissionKind]::DeleteListItems)
#check if the given permission level exists already!
$TargetPermissionLevel = $RoleDefinitions | Where-Object { $_.Name -eq $TargetPermissionLevelName }
if($TargetPermissionLevel -eq $null)
{
#Create new permission level from source permission level
$PermissionCreationInfo = New-Object Microsoft.SharePoint.Client.RoleDefinitionCreationInformation
$PermissionCreationInfo.Name = $TargetPermissionLevelName
$PermissionCreationInfo.Description = $TargetPermissionLevelName
$PermissionCreationInfo.BasePermissions = $TargetBasePermissions
#Add the role definitin to the site
$TargetPermissionLevel = $Web.RoleDefinitions.Add($PermissionCreationInfo)
$Ctx.ExecuteQuery()
Write-host "New Permission Level Created Successfully!" -ForegroundColor Green
}
else
{
Write-host "Permission Level Already Exists!" -ForegroundColor Red
}
}
Catch {
write-host -f Red "Error Creating Permission Level!" $_.Exception.Message
}
#Create base Permission setThis script copies existing permission level and creates the new permission level
$Permissions = New-Object Microsoft.SharePoint.Client.BasePermissions
#Add permissions to it
$Permissions.Set([Microsoft.SharePoint.Client.PermissionKind]::ViewListItems)
$Permissions.Set([Microsoft.SharePoint.Client.PermissionKind]::ViewVersions)
Image may be NSFW.
Clik here to view.
