Grant Access to ‘SharePoint Group’ on Item Level Permission using Client Side Scripting (JSOM) in SharePoint 2010 and 2013

Ahamed Fazil Buhari
Senior Developer
Published On :   04 Feb 2017
Visit Count
Today :  1    Total :   2880

In my previous article we have seen ‘How to Break Inherit Permission and Grant Access to Specific User on SharePoint List Items or Folders (Multiple) using SPServices and JavaScript’ here in this article we can see how to grant access to SharePoint group.

For example, consider that we’ve a library named ‘Shared Document’ and we need to grant access to specific Items inside that library to a SharePoint Group called ‘Document Managers’. Initially we need to get all the Item ID’s or folder ID’s which would be accessible by a SharePoint Group called ‘Document Managers’

Using the below SPServices, we can get all the Item & Folder ID’s in a JSON object

 var folderID = {};
 // Use SPServices or REST API to get all the item ID's
     operation: "GetListItems",
     async: false,
     listName: "Shared Document",
     CAMLQuery: "<< Query based on your req. >>",
     completefunc: function (xData, Status) {
         $(xData.responseXML).SPFilterNode("z:row").each(function () {
         var folderVal = $(this).attr("ows_ID"); || '';
         if (folderVal != '') {
             var folder_ID = {};
             folder_ID["folderID"] = folderVal;
             folderID[folderVal] = folder_ID;            
 //SharePoint 2010, Group can be resolved using groupID not by groupName
 //you can get the groupID value in URL after navigating to that SharePoint Group
 var groupID = 25;
 GrantAccesstoGroup(folderID, groupID)

Use the below JSOM script to grant access to SharePoint group on a specific Items.

Please note that, SharePoint Group can be resolved using groupID in SharePoint 2010. In SharePoint 2013, group can be resolved using its name as well using getByName(‘groupName’).

 function GrantAccesstoGroup(folderID, groupID){
     SP.SOD.executeFunc("sp.js", 'SP.ClientContext', AccessToGroupOnSecurityInheritance(folderID, groupID));
 function AccessToGroupOnSecurityInheritance(folderID, groupID) {
 	var context = SP.ClientContext.get_current();
     var oList = context.get_web().get_lists().getByTitle('Shared Document');   
 	$.each(folderID, function (key, value) { 	   
 		var folderID_int = parseInt(value.folderID);         
 		var oListItem = oList.getItemById(folderID_int);
 		//Break Role Inheritance if u need to,
 		var collGroup = context.get_web().get_siteGroups();	    
 	       var oGroup = collGroup.getById(groupID);	
              //In SharePoint 2013 group can be resolved using by its name as well
 	      //var oGroup = collGroup.getByName(groupName);
         //Defining the Role
 	    var collRoleDefinitionBinding = SP.RoleDefinitionBindingCollection.newObject(context);	
 	    oListItem.get_roleAssignments().add(oGroup, collRoleDefinitionBinding);
 	    context.executeQueryAsync(onQuerySucceeded, onQueryFailed);
 function onQuerySucceeded() {
     console.log('Access Granted to SharePoint Group');
 function onQueryFailed() {
     console.log('Request failed.');

Happy Coding