Assign read and admin roles to the users on a list item in SPOnline using JSOM

sharepoint.stackexchange https://sharepoint.stackexchange.com/questions/285099

Question

I am now inheriting the permissions as I only have two groups which is group1 which has full control already and the other group is domain group which is everybody in the org so I removed that group by using deleteObject. I still can't give Author of the list item read permissions.

Error I get is. "Unknown Error" or "Invalid Request"

//variable declaration
var collListItems;
var getItemCount;
var sArd;
var selectedItem;
var requesterPermissions;

$(document).ready(function () 
{
    retreiveFieldValues();
});

/*------------------------RETRIEVE ALL ITEMS COLLECTION FUNCTION-----------------------------------*/
/*------------------------------------------------------------------------------------------------------------*/
function retreiveFieldValues() 
{
    var context = SP.ClientContext.get_current();
    sArd= context.get_web().get_lists().getByTitle('MyList');
    var camlQuery = new SP.CamlQuery();
    collListItems = sArd.getItems(camlQuery);
    context.load(sArd);
    context.load(collListItems);
    context.executeQueryAsync(onSuccess, onFailure);
}
function onSuccess() 
{
    getItemCount = sArd.get_itemCount();
    retreiveSelectedItem(getItemCount);
//Ending of On Query Success of retrieve field values function
}
function onFailure(sender, args) {
    console.log( " Failed to get the Values. Error: " + args.get_message());
}

/*------------------------RETRIEVE SELECTED ITEM BY ITEM ID FUNCTION-------------------------------*/
/*------------------------------------------------------------------------------------------------------------*/

function retreiveSelectedItem() 
   {
    console.log("No of Items inside Sub Method are: " + getItemCount);
    var context2 = SP.ClientContext.get_current();
    var sArd2= context2.get_web().get_lists().getByTitle('MyList');
    selectedItem = sArd2.getItemById(getItemCount);   
    context2.load(selectedItem);
    context2.executeQueryAsync(onCodeSuccess, onCodeFailure);   
}
function onCodeSuccess()
{
    console.log("Entered the On Success function");
    var createdBy = selectedItem.get_item('Author').get_lookupValue();
    console.log("Created By " + createdBy);
    var requestID = selectedItem.get_item("RequestID");
    console.log("Request ID " + requestID);      
    assignPermissions(this.createdBy, getItemCount);
}
function onCodeFailure(sender, args)
{
console.log("Failed in 2nd sub method "+ args.get_message());
}

/*---------------ASSIGN PERMISSIONS TO REQUESTER AND APPROVER FUNCTION ---------------------*/
/*------------------------------------------------------------------------------------------*/
 function assignPermissions()
    {
    var context3 = new SP.ClientContext.get_current();
    var sArd3= context3.get_web().get_lists().getByTitle('MyList');
    selectedItem = sArd3.getItemById(getItemCount);        
    selectedItem.breakRoleInheritance(true);    
    selectedItem.get_roleAssignments().getByPrincipalId(8).deleteObject(); 
    requesterPermissions = SP.RoleDefinitionBindingCollection.newObject(context3);
    requesterPermissions.add(context3.get_web().get_roleDefinitions().getByType(SP.RoleType.reader));
    selectedItem.get_roleAssignments().add(createdBy, requesterPermissions);
    console.log("Assigned read permissions to requester");
    context3.load(sArd3);
    //context3.load(createdBy);                                                         
    context3.executeQueryAsync(onQuerySuccess, onQueryFail); 
    }  
    function onQuerySuccess()
    {    
     console.log("Added permissions");   
    }
    function onQueryFail(sender, args)
    {
    console.log("Failed in 3rd sub method. :"+ args.get_message());
    } 
</script>```

No correct solution

OTHER TIPS

You don't need to use login ID to assign permissions. In your code, you donnot assign permission to loggedInUser on the item. Below is my sample code to break the permissions on the item and assign read permission to loffedIn user, full control permission to a group. Hope it helps you:

var web=clientContext.get_web();
var user=web.get_currentUser();
var group = web.get_siteGroups().getByName("Group1");
var list = web.get_lists().getByTitle("Mylist");

item=list.getItemById(1);
   
item.breakRoleInheritance(false);

var requesterPermissions= SP.RoleDefinitionBindingCollection.newObject(clientContext);  

var adminPermissions= SP.RoleDefinitionBindingCollection.newObject(clientContext);

requesterPermissions.add(web.get_roleDefinitions().getByType(SP.RoleType.reader));

adminPermissions.add(web.get_roleDefinitions().getByType(SP.RoleType.administrator));
    
item.get_roleAssignments().add(user,requesterPermissions);
item.get_roleAssignments().add(group,adminPermissions);
item.update();
clientContext.load(item);
Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange
scroll top