Share via

Run with elevated privillages using jsom

Mohammad Qasim 576 Reputation points
2021-12-27T18:52:36.207+00:00

Greetings,

I am using sharepoint 2019 on prem

I am using jsom to retrive data in dropdown ( html dropdown ) .

Problem : user has item level permision on list to read its own created item, i want to show all item on drop down list not only those item,which is created by him.

Solution required: is there any "run with elevated privilliage" to execute jsom to let specific all items.

Note: i dont want to change in item level permision as i have set " view created by user "

Thanks

Microsoft 365 and Office | SharePoint Server | Development
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. sadomovalex 3,636 Reputation points
    2021-12-28T14:42:32.037+00:00

    in JSOM it is not possible (otherwise it would be security breach). If you work with on-prem version you may create custom web service (e.g. ashx handler in /_layouts/subfolder with codebehind assembly installed to GAC) which will read items with elevated privileges on server side and return it in JSON format to client side. On client side you will need to call this custom web service (e.g. using jQuery.ajax() call) instead of JSOM.

    Note however that with this approach users may get access to those list items for which they don't have access, so think carefully before to use it.

    Was this answer helpful?

    0 comments
  2. RaytheonXie_MSFT 40,496 Reputation points Microsoft External Staff
    2021-12-28T02:33:29.327+00:00

    Hi @Mohammad Qasim ,
    This is not possible to retrieve all items while using Read items that were created by the user settings. If you want to use Jsom grant permission. You must remove Read items that were created by the user settings. Then you can refer to the following code 

    function UpdatePermissionLevel() {  
    // You can optionally specify the Site URL here to get the context  
    // If you don't specify the URL, the method will get the context of the current site  
    // var clientContext = new SP.ClientContext("http://MyServer/sites/SiteCollection");  
    var clientContext = new SP.ClientContext();  
   
    var oRoleDefinition = clientContext.get_web().get_roleDefinitions().getByName("Custom Role");  
   
    // BasePermissions Object  
    var oBasePermissions = new SP.BasePermissions();  
   
    oBasePermissions.set(SP.PermissionKind.viewListItems);  
   
    // set role definition permission level  
    oRoleDefinition.set_basePermissions(oBasePermissions);  
   
    // Set Role definition description  
    oRoleDefinition.set_description('Updated Custom Role Description');  
   
    // Update role definition  
    oRoleDefinition.update();  
   
    // Execute the query to the server.  
    clientContext.executeQueryAsync(onsuccess, onfailed);  
}  
   
function onsuccess() {  
    console.log('Success');  
}  
   
function onfailed(sender, args) {  
    console.log('Failed' + args.get_message() + '\n' + args.get_stackTrace());  
}

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.