SharePoint Copy permission, create group and assign permission to document library or list programmatically

This is an example to do stuff as written in the post title :)


?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
public override void FeatureActivated(SPFeatureReceiverProperties properties)
  {
      // Retrieve the current web object (Site feature so feature Parent will be SPSite)
      SPWeb web = ((SPSite)properties.Feature.Parent).RootWeb;
 
      CreateSecurity(web);
  }
 
  private void CreateSecurity(SPWeb web)
  {
      try
      {
          web.AllowUnsafeUpdates = true;
 
          //Create Custom Role
          var roleExists = web.RoleDefinitions.Cast<SPRoleDefinition>().Any(r => r.Name == "Custom Role");
 
          if (!roleExists)
          {
              // This code copies the Contribute permission level and removes DeleteListItems permissions
              SPRoleDefinition roleDefinitionContribute = web.RoleDefinitions.GetByType(SPRoleType.Contributor);
              SPRoleDefinition newRoleDefinitionCustomUser = new SPRoleDefinition(roleDefinitionContribute);
              newRoleDefinitionCustomUser .BasePermissions ^= SPBasePermissions.DeleteListItems;
              newRoleDefinitionCustomUser .BasePermissions ^= SPBasePermissions.CreateSSCSite;
              newRoleDefinitionCustomUser .Name = "Custom Role";
              newRoleDefinitionCustomUser .Description = "This the permission level for Custom Role";
              web.RoleDefinitions.Add(newRoleDefinitionCustomUser);
 
              web.Update();
          }
 
          //Group name / doc library name
          Dictionary<string, string[]> docLibraryPermissions = new Dictionary<string, string[]>()
          {
              {"Group 1", new string[] {"DocLib 1"}},
              {"Group 2", new string[] {"DocLib 2", "DocLib 3"}}
          };
 
          foreach (KeyValuePair<string, string[]> item in docLibraryPermissions)
          {
              GetCreateSiteGroup(web, item);
          }
      }
      catch (Exception ex)
      {
          Console.WriteLine(ex.Message);
      }
      finally
      {
          web.AllowUnsafeUpdates = false;
      }
  }
 
  private void GetCreateSiteGroup(SPWeb web, KeyValuePair<string, string[]> item)
  {
      var groupName = item.Key;
 
      if (!GroupExistsInSiteCollection(web, groupName))
      {
          web.SiteGroups.Add(groupName, web.Site.Owner, web.Site.Owner, groupName);
 
          SPRoleDefinition role = web.RoleDefinitions["Custom Role"];
          SPRoleAssignment roleAssignment = new SPRoleAssignment(web.SiteGroups[groupName]);
          roleAssignment.RoleDefinitionBindings.Add(role);
          web.RoleAssignments.Add(roleAssignment);
          web.Update();
      }
 
      foreach (string docLibName in item.Value)
      {
          AssignPermissionsToItem(web, web.Lists[docLibName], web.SiteGroups[groupName]);
      }
  }
 
  private bool GroupExistsInSiteCollection(SPWeb web, string name)
  {
      return web.SiteGroups.OfType<SPGroup>().Count(g => g.Name.Equals(name, StringComparison.InvariantCultureIgnoreCase)) > 0;
  }
 
  public static void AssignPermissionsToItem(SPWeb web, SPSecurableObject secObj, SPPrincipal obj)
  {
      if (!secObj.HasUniqueRoleAssignments)
      {
          secObj.BreakRoleInheritance(false, true);
      }
 
      SPRoleAssignment roleAssignment = new SPRoleAssignment(obj);
      SPRoleDefinition roleDefinition = web.RoleDefinitions["Custom Role"];
      roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
 
      secObj.RoleAssignments.Add(roleAssignment);
  }

HTH,
Andreas

Comments

Post a Comment

Popular posts from this blog

SharePoint 2013 anonymous access add attachments to list item

Image
Hi, Sometimes you want to enable anonymous access to be able to add a list item but at the same time attaching some documents. After good few hours playing around trying to make this work, turns out that we can achieve this functionality. The trick is to use RunWithElevatedPrivileges method for the file upload. We also want the file upload functionality to be available on the NewForm.aspx as it wouldn't make sense to put it in other forms as any user would be able to upload files to other records. The result will be something like this: When it is saved, the user is redirected to the display form: The close button then will take the user back to the homepage (or any page you desire) The steps: 1. Create an ascx control to host your file upload control in your project.  Put the below script in the ascx as well (credit to this post ): The code behind: 2. Create custom form template. You have to put the ascx in the CONTROLTEMPLATES folder of the ...
Read more

CRM Plugin - Parent and Child Pipeline

This concept tends to confuse people often - and I was no exception. I came across this problem when trying to create custom auto-numbering for one of my projects. Creating auto-number for Opportunity is easy. This is because the user creates opportunity straight from the home screen - thus the plugin runs on parent pipeline. However, it's a different story if you are dealing with Quote entity. Quote can be created in 2 ways, through the home screen OR the opportunity screen. If you create it from the latter, it will run on the child pipeline and you will find that your plugin will not work. Registering it as a child pipeline is easy, but CRM makes it harder since you can't use ICRMService. Instead, you have to create CRMService manually by using this piece of code: Not only that, with the child plugin you can't use Query expression to fetch other entities in your code unless you register it as ASYNCHRONOUS plugin. Mark Kovalcson in his blog found out that: A C...
Read more