Break Inheritance And Implementing Unique Permissions In SharePoint 2016 Using REST API

Inheritance of permissions is one of the security features that come out of the box in SharePoint. Whenever a new item is created, by default, it inherits the permissions of the parent, unless specifically unique permissions are assigned to it. When a list item is created, it will inherit the permissions of its parent list. Similarly, when a Web is created, it will inherit the parent Web’s permissions. Out of the box, we can break the inheritance chain by going to the permissions settings of the object. In case of a list, we can go to the 'list settings’ -> ‘Permissions for this list’ and manage the permissions.

Prior to breaking the inheritance, the permission settings will look, as shown below:

settings

Once the permission is broken, the permission settings will change to:

permission

Though we can do it out of the box, at times, we have to programmatically implement the same, using JSOM or REST, when programming from the client side. In this article, we will see, how to implement the unique permissions to a list by breaking its inheritance. We will be working with the list ‘CustomList’ to implement the unique permissions.

CustomList

Break Inheritance

In order to break the inheritance, we will be making use of the REST Endpoint URL, given below:

"/_api/web/lists/getByTitle('CustomList')/breakroleinheritance(copyRoleAssignments=true, clearSubscopes=true)"

We will be issuing a POST AJAX request, once the REST URL is created. The header section will look, as given below:

  1. headers: {  
  2.     "accept""application/json;odata=verbose",  
  3.     "content-Type""application/json;odata=verbose",  
  4.     "X-RequestDigest": jQuery("#__REQUESTDIGEST").val()  
  5. },  
Here, accept attribute specifies the data type for the return value and content-type defines the data type for the data sent to the Server. In POST request, we have to send the X-RequestDigest value along with the request for form validation without which, we will get a validation error. To fulfil this, we will be assigning the $("#__REQUESTDIGEST").val(), which sets the value of the form digest control, present within the page to X-RequestDigest key.

Output

Once the script is run on the client side, we will get a notification in the developer console, indicating the successful implementation of unique permissions.

Output

Full Code

The full code to implement unique permissions in a list by breaking its inheritance, using REST API is shown below:
  1. <script language="javascript" type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js"></script>  
  2. <script language="javascript" type="text/javascript">  
  3.     $(document).ready(function() {  
  4.         var breakPermissionsEndPoint = "/_api/web/lists/getByTitle('CustomList')/breakroleinheritance(copyRoleAssignments=true, clearSubscopes=true)";  
  5.         breakInheritance(breakPermissionsEndPoint)  
  6.     });  
  7.   
  8.     function breakInheritance(breakPermissionsEndPoint) {  
  9.         $.ajax({  
  10.             url: _spPageContextInfo.webAbsoluteUrl + breakPermissionsEndPoint,  
  11.             type: "POST",  
  12.             headers: {  
  13.                 "accept""application/json;odata=verbose",  
  14.                 "content-Type""application/json;odata=verbose",  
  15.                 "X-RequestDigest": jQuery("#__REQUESTDIGEST").val()  
  16.             },  
  17.             success: function(data) {  
  18.                 console.log(data);  
  19.                 console.log("Inheritance has been broken for the list successfully.");  
  20.             },  
  21.             error: function(error) {  
  22.                 alert(JSON.stringify(error));  
  23.             }  
  24.         });  
  25.     }  
  26. </script>  
Let’s see how we can implement it in SharePoint. Save the script as a text file and upload it to the site assets library.

SharePoint Implementation

 

  • Go to the edit settings of the SharePoint page and click Web part from the Insert tab, shown below:

    edit settings

  • Add Content Editor Web part.

    Content Editor Web part

  • Click on Edit Web art from Content Edit Web part. Assign the URL of the script text file and click Apply.

    Content Edit Web part

  • Click Apply and we can see the successful inheritance broken message.

Going to the list’s permissions page, we can see that the unique permissions are assigned to it.

permission’s

Summary

Thus, we saw, how to implement unique permissions in a list in SharePoint 2016 by breaking permissions inheritance from its parent, using REST API.