Display the SharePoint list item permissions using REST API

Lets see how we can display the SharePoint list item permissions using REST API

I am going to use the SharePoint hosted app and SharePoint online. You could use an on premises installation as well.

Lets start by creating a SharePoint hosted app. Update the App.js as follows:

'use strict';

var hostweburl;
var appweburl;
var executor;

$(document).ready(function () {

// retrieve the hostweb url and appweb url from the query string
function getCustomPermission() {
  $(document).ready(function () {
    hostweburl =
    appweburl =

    var scriptbase = hostweburl + "/_layouts/15/";

    $.getScript(scriptbase + "SP.RequestExecutor.js", getRoleAssignments);

//make the rest call
function getRoleAssignments() {
  executor = new SP.RequestExecutor(appweburl);

            appweburl +
            "/_api/SP.AppContextSite(@target)/web/lists/getbytitle('Test')/items(1)?$expand=RoleAssignments/Member/Users&@target='" +
            hostweburl + "'",
        method: "GET",
        headers: { "Accept": "application/json; odata=verbose" },
        success: successHandler,
        error: errorHandler

//display results
function successHandler(data) {
  var jsonObject = JSON.parse(data.body);
  var roleAssignmentHTML = "";

  var results = jsonObject.d.RoleAssignments.results;
  for (var i = 0; i < results.length; i++) {

    roleAssignmentHTML = roleAssignmentHTML +
          "<p><b>" + results[i].Member.OwnerTitle +
    var users = results[i].Member.Users.results;
    if (users) {
      for (var u = 0; u < users.length; u++) {
        roleAssignmentHTML = roleAssignmentHTML + "<p>" + users[u].Title + "</p>";
  document.getElementById("message").innerHTML =

function errorHandler(data, errorCode, errorMessage) {
  document.getElementById("message").innerText =
      "Could not complete cross-domain call: " + errorMessage;

function getQueryStringParameter(paramToRetrieve) {
  var params =
  var strParams = "";
  for (var i = 0; i < params.length; i = i + 1) {
    var singleParam = params[i].split("=");
    if (singleParam[0] == paramToRetrieve)
      return singleParam[1];

Notice that we are using the $expand=RoleAssignments/Member/Users to get the user information present in each assignment.

App Permissions

In deploying to production you need to try out the different permission levels to ensure you are using the minimum required permissions.

This approach requires that we have a high enough permission level because we are listing the information of other users also.

When you build and execute the code, it should list the users and SharePoint groups which have the permission on the item.

Item Level Permissions Output

I have uploaded the code for this solution in github at ItemLevelPermissions

Creating a SharePoint SPA using AngularJS and Breeze

Today, we will look at creating a SharePoint SPA using AngularJS and Breeze in a SharePoint hosted app. Single Page Apps or SPA does not mean the application is limited to one page. The experience of navigating between pages is seamless for the user without the postback which happens when navigating to a page.
Continue reading “Creating a SharePoint SPA using AngularJS and Breeze”

PowerShell for Office 365

We can use the admin center of Office 365 for managing Office 365 and SharePoint Online. However, if we use the PowerShell for Office 365 to create scripts for regular tasks, it will be much easier and consistent on an ongoing basis. Lets explore how we can leverage PowerShell for Office 365 from a remote machine.
Continue reading “PowerShell for Office 365”