In this article I will show you how to Add or Remove
Item Level Permissions programmatically. I will show you this thing in
console application. You can use it anywhere based upon your
requirements.
Sometimes we are having a
business requirement like if someone is adding any item to a list or
document library than some users should have read permissions to it,
some of them should have write permissions and some of the users should
not have any access to that particular list item.
Then how to achieve this kind of requirements.
In
ideal situations we are writing Item Adding event handlers and based
upon business rules we are giving the access and removing the access
because whenever any user is adding any item than that item will inherit
the site level permissions. So on this event we can add or remove the
permissions to that list item.
Let's see how we can add or remove permissions at item level.
Step 0: Create one list named Check and add 2-3 items in it.
Click on Manage Permissions link and see who all are having permissions to that particular list item.
In
my case on "Ravish" list item this much user or Groups are having
access. Now our task is to remove all the users or groups who are having
the access and add only administrator to it. i.e. only administrator
should have the access.
We are doing this through sharepoint object model. Below are the steps of doing this.
Step 1: Create one console application.
Step 2: Add refernce to Microsoft.Sharepoint.dll
Step 3: Navigate to the List item by using sharepoint object model.
//Connect to Sharepoint Site
SPSite oSPSite = new SPSite("http://spdevserver:1002/");
//Open Sharepoint Site
SPWeb oSPWeb = oSPSite.OpenWeb();
//get the Sharepoint List
SPList oSPList = oSPWeb.Lists["Check"];
//Get the Sharepoint list item for giving permission
SPListItem oSPListItem = oSPList.Items[0];
Console.WriteLine(oSPListItem["Title"]);
Console.Read();
Step 4: Now we have navigated to List Item Ravish. Next step is to remove all the permissions for this list item.
Function Call
RemoveAllPermissions(oSPListItem);
Function Definition:
private static void RemoveAllPermissions(SPListItem CurrentlistItem)
{
//The
below function Breaks the role assignment inheritance for the list and
gives the current list its own copy of the role assignments
CurrentlistItem.BreakRoleInheritance(true);
//Get the list of Role Assignments to list item and remove one by one.
SPRoleAssignmentCollection SPRoleAssColn = CurrentlistItem.RoleAssignments;
for (int i = SPRoleAssColn.Count - 1; i >=0 ; i--)
{
SPRoleAssColn.Remove(i);
}
Console.WriteLine("All Permissions Removed");
}
After this check List Item permissions once agin by clicking on Manage Permissions Link.
You will see there are no items to show in this view. Means all the permissions for this list item has been removed.
Step 5: Next step is to add permissions to the same list item.
//Create new user to grant access
SPUserCollection users = oSPWeb.Users;
SPUser CurrentUser = users["Domain\\Administrator"];
//Add new permissions to List Items
//If you want to give access to a Group than pass SPGroup instead of SPUser. The same function will give access.
GrantPermission(oSPListItem, oSPWeb, SPRoleType.Contributor, CurrentUser);
Function Definition:
private static void GrantPermission(SPListItem CurrentListItem, SPWeb oSPWeb, SPRoleType SPRoleType, SPPrincipal SPPrincipal)
{
//Create one Role Definition i.e Full Controls, Contribute rights or Read rights etc.
SPRoleDefinition oSPRoleDefinition = oSPWeb.RoleDefinitions.GetByType(SPRoleType);
//Create one Role Assignment for the specified SP user or group. SPRoleAssignment oSPRoleAssignment = new SPRoleAssignment(SPPrincipal);
//Bind the role definition to the role assignment object created for the user or group. oSPRoleAssignment.RoleDefinitionBindings.Add(oSPRoleDefinition);
//Add it to the specified list item. CurrentListItem.RoleAssignments.Add(oSPRoleAssignment);
//update the list item so that specified user assignment will have the access. CurrentListItem.Update();
Console.WriteLine("All Permissions Removed");
Console.Read();
}
//Bind the role definition to the role assignment object created for the user or group. oSPRoleAssignment.RoleDefinitionBindings.Add(oSPRoleDefinition);
//Add it to the specified list item. CurrentListItem.RoleAssignments.Add(oSPRoleAssignment);
//update the list item so that specified user assignment will have the access. CurrentListItem.Update();
Console.WriteLine("All Permissions Removed");
Console.Read();
}
After this check List Item permissions once again by clicking on Manage Permissions Link.
You will see that new user has been added to the particular list item.
In this way we can add or remove the permission at Item Level in a sharepoint site.
Hope it will be a help to you.
Reference:
http://www.c-sharpcorner.com/uploadfile/Ravish001/programmatically-add-or-remove-item-level-permission-in-sharepoint-2007/
No comments:
Post a Comment