Get Approve, Manage Hierarchy, Restricted Read, View Only Role Definition programatically

Everybody has experienced with SharePoint permission knows about the OOTB SharePoint default permission level. From technet article, it will look like below:

  • View Only – Includes permissions that enable users to view pages, list items, and documents.
  • Limited Access – Includes permissions that enable users to view specific lists, document libraries, list items, folders, or documents, without giving access to all the elements of a site. You cannot edit this permission level directly.
  • Read – Includes permissions that enable users to view items on the site pages.
  • Edit – Includes permissions that enable users to add, edit and delete lists; can view, add, update and delete list items and documents.
  • Contribute – Includes permissions that enable users to add or change items on the site pages or in lists and document libraries.
  • Design – Includes permissions that enable users to view, add, update, delete, approve, and customize the layout of site pages by using the browser or SharePoint Designer 2013.
  • Full Control – Includes all permissions.
  • Approve – Includes permissions to edit and approve pages, list items, and documents.
  • Manage Hierarchy – Includes permissions to sites and edit pages, list items, and documents.
  • Restricted Read – Includes permissions to view pages and documents, but not historical versions or permissions information.

Below code shows you how to get each Role Definition programatically.

private static void Main(string[] args)
        using (SPSite site = new SPSite("http://yourSiteUrl"))
            using (SPWeb web = site.OpenWeb())
                // Loop through all permission level in root web
                foreach (SPRoleDefinition eachRoleDefinition in web.RoleDefinitions)
                    Console.WriteLine(string.Format("Role:{0}; Type:{1};", eachRoleDefinition.Name, eachRoleDefinition.Type.ToString()));

                // Based on Role Type above, we could retrieve each Role Definition
                SPRoleDefinition roleDefinitionAdministrator = web.RoleDefinitions.GetByType(SPRoleType.Administrator);
                SPRoleDefinition roleDefinitionDesigner = web.RoleDefinitions.GetByType(SPRoleType.WebDesigner);
                SPRoleDefinition roleDefinitionContributor = web.RoleDefinitions.GetByType(SPRoleType.Contributor);
                SPRoleDefinition roleDefinitionEdit = web.RoleDefinitions.GetByType(SPRoleType.Editor);
                SPRoleDefinition roleDefinitionReader = web.RoleDefinitions.GetByType(SPRoleType.Reader);
                SPRoleDefinition roleDefinitionLimitedAccess = web.RoleDefinitions.GetByType(SPRoleType.Guest);
    catch (Exception ex)
        // your error handler

Role Definition results:

Role Name Role Type
Full Control Administrator
Design WebDesigner
Edit Editor
Contribute Contributor
Read Reader
Limited Access Guest
Approve None
Manage Hierarchy None
Restricted Read None
Restricted Interfaces for Translation None
View Only None

Then, the next question is How do we retrieve Approve, Manage Hierarchy, Restricted Read and View Only role definition ? Since Role Type for those Role Definition is None ? Thanks to Alex Sadomov blog, I found the solution …

                SPRoleDefinition roleDefinitionManageHierarchy = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(r => r.Name == "Manage Hierarchy");
                SPRoleDefinition roleDefinitionApprove = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(r => r.Name == "Approve");
                SPRoleDefinition roleDefinitionViewOnly = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(r => r.Name == "View Only");
                SPRoleDefinition roleDefinitionRestrictedRead = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(r => r.Name == "Restricted Read");

What about if you have Multilingual SharePoint site?

Long story short, you need to use Microsoft.SharePoint.Publishing.Internal.StringIds to retrieve the Role Name.

using System.Resources;
using System.Reflection;
using Microsoft.SharePoint.Publishing.Internal;

public class PublishingResources
    private static ResourceManager resourceManager;

    static PublishingResources()
        var resourceAssembly = Assembly.Load("Microsoft.SharePoint.Publishing.intl, Version=, Culture=neutral, PublicKeyToken=71e9bce111e9429c");
        resourceManager = new ResourceManager("Microsoft.SharePoint.Publishing.Strings", resourceAssembly);

    internal static string GetString(string resourceName, CultureInfo cultureInfo)
        return resourceManager.GetString(resourceName, cultureInfo);

string roleName = PublishingResources.GetString(StringIds.RoleNameHierarchyManager, web.UICulture);
SPRoleDefinition roleDefinitionManageHierarchy = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(r => r.Name == roleName);

roleName = PublishingResources.GetString(StringIds.RoleNameApprover, web.UICulture);
SPRoleDefinition roleDefinitionApprove = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(r => r.Name == roleName);

roleName = PublishingResources.GetString(StringIds.RoleNameViewer, web.UICulture);
SPRoleDefinition roleDefinitionViewOnly = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(r => r.Name == roleName);



Tagged: , , , , , ,

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: