Assigning Unique Permissions to the List and Libraries in SharePoint 2013 using PowerShell

In SharePoint 2013 we will be having requirements to assign unique permissions to a list or library in a site. This we can achieve from the list or Library Settings page Permissions for this list option through UI.
Same functionality we can achieve through Powershell script as well which will help us to maintain it as a generic script so that we can use it in the future for the same kind of requirement.
Here we are going to generate a generic script which will obtain the parameters like Site URL, List Name, Group Name and Permission level dynamically to assign the unique permission to the respective list.
One more script which will get the parameters Site URL, Group Name and Permission Level and loop through all the lists and libraries in the site and assign the provided permission level to the List.

Generating the Script:


To generate the script we need to open the Windows Powershell ISE and write the Powershell commands to do the actions.
Below is the script to assign the unique permission to a specific list or library in the site:

 Write-Host "Please Enter the List or Library Name to assign the Permission:"
 $ListName = Read-Host

 Write-Host "Please Enter the Group Name :"
 $GroupName = Read-Host

 Write-Host "Please Enter the Permission Level to be assigned :"
 $PermissionLevel = Read-Host
   
    $web = Get-SPWeb -Identity $Url
    $list = $web.Lists.TryGetList($ListName)

    if ($list -ne $null)
    {
        // Ensure that the permissions are not being inherited.
        if ($list.HasUniqueRoleAssignments -eq $False)
        {
            $list.BreakRoleInheritance($True)
      
       Write-Host "Permission Inheritance Stopped" -foregroundcolor Green
        }

        // Modify the permissions.
        if ($web.SiteGroups[$GroupName] -ne $null)
        {
            $group = $web.SiteGroups[$GroupName]
            $roleAssignment = new-object Microsoft.SharePoint.SPRoleAssignment($group)
            $roleDefinition = $web.RoleDefinitions[$PermissionLevel];
            $roleAssignment.RoleDefinitionBindings.Add($roleDefinition);
            $list.RoleAssignments.Add($roleAssignment)
            $list.Update();
            Write-Host "Successfully added $PermissionLevel permission to $GroupName group in $ListName list. " -foregroundcolor Green
        }
        else
        {
            Write-Host "Group $GroupName does not exist." -foregroundcolor Red
        }

    }

    $web.Dispose()


Here,
 Write-Host "Please Enter the List or Library Name to assign the Permission:"
 $ListName = Read-Host

 Write-Host "Please Enter the Group Name :"
 $GroupName = Read-Host

 Write-Host "Please Enter the Permission Level to be assigned :"
 $PermissionLevel = Read-Host

These lines will be taking the values for the parameters dynamically.
    $web = Get-SPWeb -Identity $Url
    $list = $web.Lists.TryGetList($ListName)

These two lines will be getting the SPWeb and SPList object for the provided site URL and List Name.

Script to assign unique permissions for all the lists in a site:


Write-Host "Please Enter the Site Url :"
$webUrl = Read-Host

$web = Get-SPWeb -Identity $webUrl

Write-Host "Please Enter the Group Name :"
$GroupName = Read-Host

Write-Host "Please Enter the Permission Level need to be applied :"
$PermissionLevel = Read-Host

foreach($list in $web.lists)
{
   $ListName = $list.Title
   
    if ($list.HasUniqueRoleAssignments -eq $False)
        {
            $list.BreakRoleInheritance($True)

            Write-Host "Permission Inheritance is Stopped"
        }
       
        if ($web.SiteGroups[$GroupName] -ne $null)
        {
            $group = $web.SiteGroups[$GroupName]
            $roleAssignment = new-object Microsoft.SharePoint.SPRoleAssignment($group)
            $roleDefinition = $web.RoleDefinitions[$PermissionLevel];
            $roleAssignment.RoleDefinitionBindings.Add($roleDefinition);
            $list.RoleAssignments.Add($roleAssignment)
            $list.Update();
            Write-Host "Successfully added $PermissionLevel permission to $GroupName group in $ListName list. " -foregroundcolor Green
        }
        else
        {
            Write-Host "Group $GroupName does not exist." -foregroundcolor Red
        }


}


This Script will get the values for the parameters site URL, Group Name and Permission Level and loop through all the lists in the site and stop the inheritance of permissions from the site level and assign the unique permissions.

Comments

Post a Comment

Popular posts from this blog

Host Named Site Collections (HNSC) in SharePoint 2013

Image
In SharePoint 2013 we can have different DNS for each site collections using Host Named Site Collection feature, instead of following the same URL of the Web Application (Path-based site collection). Host Named Site Collections are the preferred method to deploy the sites in SharePoint 2013 and Office 365 as many features are optimized for this. Path-Based Site Collections : When we create a Site Collection in Central Administration under any of the web application default the base URL of the Web Application is prepended and we can add more managed paths as well from manage web applications in Central Admin. So how many numbers of site collections we are going to create under this web application the same path will be maintained. And to have the unique DNS for a site collection we need to use alternate access mappings which, which will not be optimum in certain scenarios .so We can go with creating Host Named Site Collection. As well as we ca...
Read more

Creating a Custom Master Page using Design Manager in SharePoint 2013

Image
A custom Master Page can be created by converting our custom HTML design, CSS files and other supporting files using the Design Manager. Prerequisites: ·          Design Manager is a Publishing feature, it is available only in the publishing site portal, and we should make sure that we are working on the Publishing site to get this feature available. ·          To use the Design Manager the user should have Design Permissions to the current working site. Steps: To create a Custom Master Pager we need to follow the below steps ·          We need to create our custom design , a custom design consists of o    At   least one HTML file that will be converted to SharePoint Master Page o    One or more CSS files o    JavaScript files o    Images o    Other supporting files ·    ...
Read more