Set custom level permission SharePoint PowerShell

Hello,


Some time we need to apply a script on all the web application, today we can set the permission level for a specific group.

for the base permission you can use:
 ViewListItems
AddListItems
EditListItems
DeleteListItems
ApproveItems
OpenItems
ViewVersions
DeleteVersions
CancelCheckout
ManagePersonalViews
ManageLists
ViewFormPages
Open
ViewPages
AddAndCustomizePages
ApplyThemeAndBorder
ApplyStyleSheets
ViewUsageData
ManageSubwebs
CreateGroups
ManagePermissions
BrowseDirectories
BrowseUserInfo
AddDelPrivateWebParts
UpdatePersonalWebParts
ManageWeb
UseClientIntegration
UseRemoteAPIs
ManageAlerts
CreateAlerts
EditMyUserInfo
EnumeratePermissions
CreateSSCSite

below the script :


$sites = get-spsite -Limit ALL –webapplication [webapp url]
ForEach ($spSite in $Sites)       
{        

$spWeb = $spSite.RootWeb

# Enter the Name of the Permission Level to Change

if ($PermissionLevel=$spWeb.RoleDefinitions["custom deinifition"])
{

Write-Host "working with : " $spSite -ForegroundColor Green
$bps = $PermissionLevel.BasePermissions

Write-Host "saving base permission ..."
Write-Host $bps -ForegroundColor Cyan

# Enter all the permissions that Permission Level should have enabled

$PermissionLevel.BasePermissions="ManageSubwebs","$bps","ApplyThemeAndBorder,ApplyStyleSheets,ManageWeb"

Write-Host "Applying new base permission on ..."
Write-Host  $PermissionLevel.BasePermissions -ForegroundColor Magenta

$PermissionLevel.Update()
$spweb.Dispose()
$spsite.Dispose()
else
{
Write-Host "no custom definition  in " $spSite -red

Thanks.
Powered by Blogger.