SharePoint: How do I add and remove unique permissions in Powershell?
Here are two useful scripts to help you on your way:
function SetPermission($url, $list, $group, $permission)
{
$spWeb = Get-SPWeb $url
$selectedList = $spWeb.Lists[$list]
# Assign the "Contribute" RoleDefition to the site's visitors group
$visitorsSPGroup = $spWeb.Groups[$group]
If (! $selectedList.HasUniqueRoleAssignments) {
$selectedList.BreakRoleInheritance($true)
}
$assignment = New-Object Microsoft.SharePoint.SPRoleAssignment($visitorsSPGroup)
$assignment.RoleDefinitionBindings.Add(($spWeb.RoleDefinitions | Where-Object { $_.Type -eq $permission }))
$selectedList.RoleAssignments.Add($assignment)
$selectedList.Update()
$spWeb.Dispose()
}
function RemovePermission($url, $list, $group)
{
$spWeb = Get-SPWeb $url
$selectedList = $spWeb.Lists[$list]
$visitorsSPGroup = $spWeb.Groups[$group]
If (!$selectedList.HasUniqueRoleAssignments) {
$selectedList.BreakRoleInheritance($true)
}
$web.AllowUnsafeUpdates = $true;
[Microsoft.SharePoint.SPRoleAssignmentCollection] $spRoleAssignments = $selectedList.RoleAssignments
for ([int] $a = $spRoleAssignments.Count - 1; $a -ge 0; $a--)
{
if ($spRoleAssignments[$a].Member.Name -eq $group)
{
$spRoleAssignments.Remove($a);
}
}
$web.Dispose()
}
function SetPermission($url, $list, $group, $permission)
{
$spWeb = Get-SPWeb $url
$selectedList = $spWeb.Lists[$list]
# Assign the "Contribute" RoleDefition to the site's visitors group
$visitorsSPGroup = $spWeb.Groups[$group]
If (! $selectedList.HasUniqueRoleAssignments) {
$selectedList.BreakRoleInheritance($true)
}
$assignment = New-Object Microsoft.SharePoint.SPRoleAssignment($visitorsSPGroup)
$assignment.RoleDefinitionBindings.Add(($spWeb.RoleDefinitions | Where-Object { $_.Type -eq $permission }))
$selectedList.RoleAssignments.Add($assignment)
$selectedList.Update()
$spWeb.Dispose()
}
function RemovePermission($url, $list, $group)
{
$spWeb = Get-SPWeb $url
$selectedList = $spWeb.Lists[$list]
$visitorsSPGroup = $spWeb.Groups[$group]
If (!$selectedList.HasUniqueRoleAssignments) {
$selectedList.BreakRoleInheritance($true)
}
$web.AllowUnsafeUpdates = $true;
[Microsoft.SharePoint.SPRoleAssignmentCollection] $spRoleAssignments = $selectedList.RoleAssignments
for ([int] $a = $spRoleAssignments.Count - 1; $a -ge 0; $a--)
{
if ($spRoleAssignments[$a].Member.Name -eq $group)
{
$spRoleAssignments.Remove($a);
}
}
$web.Dispose()
}
Comments
Post a Comment