Update User's Role Assignment In SharePoint Using JavaScript Object Model

Security management is a prime concern in SharePoint, as the right content has to be served to the right people with the adequate permissions. SharePoint recommends assigning role-based permissions. All the permissions are managed through the roles. Roles are classified into two sections:

  • Role Definition and
  • Role Assignment

Role definition, also known as a permission level, is the list of permissions, associated with the role. Full control, contribute, read, design, and limited access are some of the role definitions available. Role assignment is the relationship established between users/groups and the role definition. Hence, when we assign a role programmatically, it is a two-step process: instantiation of the role definition and an implementation of the role assignment to the user/group. You can check out, how to create a new role definition in this article.

Through this article, let’s see how we can add a role to user using JavaScript object model.

Internal Implementation

  • Add the reference to jQuery file.
    1. <script language="javascript" type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js"></script>   
    2. <script language="javascript" type="text/javascript">   
  • Within the document ready function, call SP.SOD.executeFunc, so as to load the on demand script SP.js . Call the main starting point function, say: addRoleToUser.
    1. SP.SOD.executeFunc('sp.js''SP.ClientContext', addRoleToUser);  
  • Instantiate the client context and get the Web instance.
    1. var clientContext = new SP.ClientContext.get_current();   
    2. var oWeb = clientContext.get_web();  
  • Once the Web object is retrieved, get the group to assign the role.
    1. //Get current user and role definition object   
    2. var oUser = oWeb.get_currentUser();   
  • Get the role definition and role definition binding collection.
    1. var roleDef = oWeb.get_roleDefinitions().getByName("Custom Role Definition");   
    2. var collRoleDefinitionBinding = SP.RoleDefinitionBindingCollection.newObject(clientContext);   
  • Get the role assignment collection for the target Web and assign the user; the new role definition binding collection.
    1. collRoleDefinitionBinding.add(roleDef);   
    2. oWeb.get_roleAssignments().add(oUser, collRoleDefinitionBinding);   
  • Load the client context and execute the batch, which will send the request to the Server and perform the entire JavaScript object model operation as a batch.
    1. clientContext.executeQueryAsync(Succeeded,Failure);  

Full Code: The full code to update the role definition is shown below:

  1. <script language="javascript" type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js"></script>  
  2. <script language="javascript" type="text/javascript">  
  3.     $(document).ready(function() {  
  4.         SP.SOD.executeFunc('sp.js''SP.ClientContext', addRoleToUser);  
  5.     });  
  7.     function addRoleToUser() {  
  8.         //Get client context and web object   
  9.         var clientContext = new SP.ClientContext.get_current();  
  10.         var oWeb = clientContext.get_web();  
  11.         //Get current user and role definition object   
  12.         var oUser = oWeb.get_currentUser();  
  13.         var roleDef = oWeb.get_roleDefinitions().getByName("Custom Role Definition");  
  14.         var collRoleDefinitionBinding = SP.RoleDefinitionBindingCollection.newObject(clientContext);  
  15.         //Add the role definition to the user's role definition collection   
  16.         collRoleDefinitionBinding.add(roleDef);  
  17.         oWeb.get_roleAssignments().add(oUser, collRoleDefinitionBinding);  
  18.         //Execute the batch   
  19.         clientContext.executeQueryAsync(Succeeded, Failure);  
  20.     }  
  22.     function Succeeded() {  
  23.         console.log('The role definition has been added to the user.');  
  24.     }  
  26.     function Failure(sender, args) {  
  27.         console.log('Request failed' + args.get_message());  
  28.     }  
  29. </script>  
We can test this in SharePoint by adding it to the Content Editor Web part as below,

SharePoint Implementation


  • Save the above code to a text file and save it into one of the SharePoint Libraries, say: Site Assets.
  • Go to the edit settings of the SharePoint page and click on Web part from the Insert tab,
  • Web part


  • Add Content Editor Web part.

  • Content Editor

  • Click Edit Web art from Content Edit Web part. Assign the URL of the script text file and click Apply.

    Content Editor

  • Click Apply. This will add the new role definition to the user.

Output: Before running JSOM code in the client side Browser, the screen will look, as shown below:


After running JSOM code in the client side browser, Custom Role Definition has been added to the user.



Thus, we have seen, how to add the new role definition to SharePoint Users. This has been tested in both SharePoint 2016 and Office 365.