How to Get All the Site Permission Levels in SharePoint 2013 Online Using REST API

In this article, you will see how to get all the site permission levels using the REST API in SharePoint 2013 Online.
 

Introduction

 
SharePoint 2013 introduces a Representational State Transfer (REST) service that is comparable to the existing SharePoint client object models. This allows the developers to interact remotely with SharePoint data using any technology that supports REST web requests. This means that developers can do Create, Read, Update and Delete (CRUD) operations from their apps for SharePoint, solutions, and client applications, using REST web technologies and standard Open Data Protocol (OData) syntax. In this article you will see the following:
  • Create an app using NAPA Tool in SharePoint 2013 Online.
  • Cross-Domain Requests.
  • Get all the permission levels from the host site using the REST API.
Endpoint URI
 
https://sitename/_api/web/ RoleDefinitions
 
Note: If you are making cross-domain requests, then you need to add SP.AppContextSite(@target) and ?@target='<host web url>' to the endpoint URI.
 
HTTP Request
 
GET: Read a Resource.
 
Use the following procedure to create an app using NAPA Tool:
  1. Navigate to the SharePoint 2013 Online site.
  2. Click on Site Contents in the quick launch bar.
  3. Click on “Napa” Office 365 Development Tools.
     
    Office 365 Development Tools
     
  4. Click on Add New Project.
     
    Add New Project
     
  5. Select App for SharePoint, enter the Project name, and then click on Create.
     
    App for SharePoint
     
Permissions
 
Ensure appropriate permission is provided to access the content. Click on the Properties button, and then click on Permissions. Set the required permission to access the content.
 
Run Project
 
Default.aspx
 
Replace the contents of Default.aspx with the following:
  1. <%-- The markup and script in the following Content element will be placed in the <head>of the page --%>  
  2. <asp:content contentplaceholderid="PlaceHolderAdditionalPageHead" runat="server">  
  3.      <script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js"></script>  
  4.      <script type="text/javascript" src="/_layouts/15/sp.runtime.js"></script>  
  5.      <script type="text/javascript" src="/_layouts/15/sp.js"></script>  
  6.      <!-- Add your CSS styles to the following file -->  
  7.      <link rel="Stylesheet" type="text/css" href="../Content/App.css" />  
  8.      <!-- Add your JavaScript to the following file -->  
  9.      <script type="text/javascript" src="../Scripts/App.js"></script>  
  10. </asp:content>  
  11. <%-- The markup in the following Content element will be placed in the TitleArea of the page --%>  
  12. <asp:content contentplaceholderid="PlaceHolderPageTitleInTitleArea" runat="server">Page Title</asp:content>  
  13. <%-- The markup and script in the following Content element will be placed in the <body>of the page --%>  
  14. <asp:content contentplaceholderid="PlaceHolderPageTitleInTitleArea" runat="server">REST API Examples</asp:content>  
  15. <%-- The markup and script in the following Content element will be placed in the <body>of the page --%>  
  16. <asp:content contentplaceholderid="PlaceHolderMain" runat="server">  
  17.      <div>  
  18.           <p>  
  19.                <b>Permission Levels</b>  
  20.                <br />  
  21.                <select style="height:300px; width:310px" multiple="multiple" id="selectPermissionLevels"></select>  
  22.           </p>  
  23.      </div>  
  24. </asp:content> 
App.js
 
Replace the contents of App.js with the following:
  1. 'use strict';  
  2.   
  3. var hostweburl;  
  4. var appweburl;  
  5.   
  6. // Load the required SharePoint libraries.  
  7. $(document).ready(function() {  
  8.   
  9.     //Get the URI decoded URLs.  
  10.     hostweburl = decodeURIComponent(  
  11.         getQueryStringParameter("SPHostUrl"));  
  12.     appweburl = decodeURIComponent(  
  13.         getQueryStringParameter("SPAppWebUrl"));  
  14.   
  15.     // Resources are in URLs in the form:  
  16.     // web_url/_layouts/15/resource  
  17.     var scriptbase = hostweburl + "/_layouts/15/";  
  18.   
  19.     // Load the js file and continue to load the page with information about the site permission levels.  
  20.     // SP.RequestExecutor.js to make cross-domain requests  
  21.     $.getScript(scriptbase + "SP.RequestExecutor.js", loadPage);  
  22. });  
  23.   
  24. // Utilities  
  25. // Retrieve a query string value.  
  26. // For production purposes you may want to use a library to handle the query string.  
  27. function getQueryStringParameter(paramToRetrieve) {  
  28.     var params = document.URL.split("?")[1].split("&");  
  29.     for (var i = 0; i < params.length; i = i + 1) {  
  30.         var singleParam = params[i].split("=");  
  31.         if (singleParam[0] == paramToRetrieve) return singleParam[1];  
  32.     }  
  33. }  
  34.   
  35. function loadPage() {  
  36.     getPermissionLevels();  
  37. }  
  38. //Retrieve all of the site permission levels  
  39. function getPermissionLevels() {  
  40.     var executor;  
  41.   
  42.     // Initialize the RequestExecutor with the app web URL.  
  43.     executor = new SP.RequestExecutor(appweburl);  
  44.   
  45.     executor.executeAsync({  
  46.         url: appweburl + "/_api/SP.AppContextSite(@target)/web/RoleDefinitions?@target='" + hostweburl + "'",  
  47.         method: "GET",  
  48.         headers: {  
  49.             "Accept""application/json; odata=verbose"  
  50.         },  
  51.         success: getSitePermissionLevelsSuccessHandler,  
  52.         error: getsitePermissionLevelsErrorHandler  
  53.     });  
  54. }  
  55.   
  56. //Populate the selectPermissionLevels control after retrieving all of the site permission levels.  
  57. function getSitePermissionLevelsSuccessHandler(data) {  
  58.     var jsonObject = JSON.parse(data.body);  
  59.     var selectPermissionLevels = document.getElementById("selectPermissionLevels");  
  60.   
  61.     if (selectPermissionLevels.hasChildNodes()) {  
  62.         while (selectPermissionLevels.childNodes.length >= 1) {  
  63.             selectPermissionLevels.removeChild(selectPermissionLevels.firstChild);  
  64.         }  
  65.     }  
  66.     var results = jsonObject.d.results;  
  67.     for (var i = 0; i < results.length; i++) {  
  68.         var selectOption = document.createElement("option");  
  69.         selectOption.value = results[i].Name;  
  70.         selectOption.innerText = results[i].Name;  
  71.         selectPermissionLevels.appendChild(selectOption);  
  72.     }  
  73. }  
  74.   
  75. function getsitePermissionLevelsErrorHandler(data, errorCode, errorMessage) {  
  76.     alert("Could not get site permission levels: " + errorMessage);  

Deploy the App
  1. Click on Run Project.
     
    app
     
  2. The app will be packaged, deployed, and launched.
     
    Run
     
  3. Click on “Click here to launch your app in a new window”.
     
    new window
     
  4. Click on Trust it.
     
    Trust
     
  5. All permission levels from the host site are displayed.
     
    host site
     

Summary

 
Thus in this article, you saw how to get all the site permission levels using the REST API in SharePoint 2013 Online.