/// <summary> /// Initializes a new instance of the <see cref="SitePolicySharingSetting" /> class. /// </summary> /// <param name="isEnabled">isEnabled.</param> /// <param name="sharingCapabilities">sharingCapabilities.</param> /// <param name="membersCanShare">membersCanShare.</param> /// <param name="allowMembersEditMembership">allowMembersEditMembership.</param> /// <param name="allowAccessRequests">allowAccessRequests.</param> /// <param name="requestAccessEmail">requestAccessEmail.</param> /// <param name="accessRequestType">accessRequestType.</param> /// <param name="accessRequestMessage">accessRequestMessage.</param> public SitePolicySharingSetting(bool isEnabled = default(bool), SharingCapabilities sharingCapabilities = default(SharingCapabilities), bool membersCanShare = default(bool), bool allowMembersEditMembership = default(bool), bool allowAccessRequests = default(bool), string requestAccessEmail = default(string), AccessRequestType accessRequestType = default(AccessRequestType), string accessRequestMessage = default(string)) { this.IsEnabled = isEnabled; this.SharingCapabilities = sharingCapabilities; this.MembersCanShare = membersCanShare; this.AllowMembersEditMembership = allowMembersEditMembership; this.AllowAccessRequests = allowAccessRequests; this.RequestAccessEmail = requestAccessEmail; this.AccessRequestType = accessRequestType; this.AccessRequestMessage = accessRequestMessage; }
/// <summary> /// Proposed permission model and permission delta for the created group /// </summary> /// <returns>PRIVATE or PUBLIC</returns> public Tuple <string, List <string> > PermissionModel(string claim1, string claim2) { // Do we have a public claim in Members, Owners or Admins? ==> PUBLIC site bool hasPublicClaimWithEditPermissions = HasClaim(Admins, claim1, claim2); if (!hasPublicClaimWithEditPermissions) { hasPublicClaimWithEditPermissions = HasClaim(Owners, claim1, claim2); } if (!hasPublicClaimWithEditPermissions) { hasPublicClaimWithEditPermissions = HasClaim(Members, claim1, claim2); } List <string> permissionDelta = new List <string>(); // Potential issue 1: private group, but public claim has been used outside of Site Admins, Owners, Members //if (EveryoneClaimsGranted && !hasPublicClaimWithEditPermissions) //{ // permissionDelta.Add("PrivateGroupButEveryoneUsedOutsideOfAdminOwnerMemberGroups"); //} //// Potential issue 2: public claim in visitors group will lead to private site while still allow everyone view access //if (HasClaim(Visitors, claim1, claim2) && !hasPublicClaim) //{ // permissionDelta.Add("PrivateGroupButEveryoneInVisitors"); //} // Potential issue 3: external sharing disabled, but will be possible by default on groups if (!String.IsNullOrEmpty(SharingCapabilities)) { if (SharingCapabilities.Equals("Disabled", StringComparison.InvariantCultureIgnoreCase)) { permissionDelta.Add("SharingDisabledForSiteButGroupWillAllowExternalSharing"); } } // Potential issue 4: sub site has broken permission inheritance if (SubSitesWithBrokenPermissionInheritance) { permissionDelta.Add("SubSiteWithBrokenPermissionInheritance"); } // Potential issue 5: ad groups used which will not expand into the Office 365 group if (ContainsADGroup(Owners) || ContainsADGroup(Admins) || ContainsADGroup(Members)) { permissionDelta.Add("ADGroupWillNotBeExpanded"); } return(new Tuple <string, List <string> >(hasPublicClaimWithEditPermissions ? "PUBLIC" : "PRIVATE", permissionDelta)); }
static void Main(string[] args) { /* Prompt for you Admin Tenant*/ Console.WriteLine("Enter your Tenant Admin URL for your Office 365 subscription:"); string tenantAdminURL = GetSite(); /* End Program if no tenantAdmin */ if (string.IsNullOrEmpty(tenantAdminURL)) { Console.WriteLine("Hmm, i tried to work on it but you didn't supply your admin tenant url:"); return; } // Request Office365 site from the user Console.WriteLine("Enter your Office 365 Site Collection URL:"); string siteUrl = GetSite(); /* Prompt for Credentials */ Console.WriteLine("Enter Credentials for your Office 365 Site Collection {0}:", siteUrl); string userName = GetUserName(); SecureString pwd = GetPassword(); /* End Program if no Credentials */ if (string.IsNullOrEmpty(userName) || (pwd == null)) { Console.WriteLine("Hmm, i tried to work on it but you didn't supply your credentials:"); return; } try { SharingCapabilities _sharingSettingToApply = GetInputSharing(siteUrl); using (ClientContext cc = new ClientContext(tenantAdminURL)) { cc.AuthenticationMode = ClientAuthenticationMode.Default; cc.Credentials = new SharePointOnlineCredentials(userName, pwd); SetSiteSharing(cc, siteUrl, _sharingSettingToApply); } } catch (Exception ex) { Console.WriteLine("Opps, Mistakes can happen to anyone. An Error occured : {0}", ex.Message); } Console.WriteLine("Hit Enter to exit."); Console.Read(); }
/// <summary> /// Sets the Site Collection External Sharing Setting using the SharePoint Tenant API /// </summary> /// <param name="adminCC"></param> /// <param name="siteCollectionURl"></param> /// <param name="shareSettings"></param> public static void SetSiteSharing(ClientContext adminCC, string siteCollectionURl, SharingCapabilities shareSettings) { var _tenantAdmin = new Tenant(adminCC); SiteProperties _siteprops = _tenantAdmin.GetSitePropertiesByUrl(siteCollectionURl, true); adminCC.Load(_tenantAdmin); adminCC.Load(_siteprops); adminCC.ExecuteQuery(); SharingCapabilities _tenantSharing = _tenantAdmin.SharingCapability; var _currentShareSettings = _siteprops.SharingCapability; bool _isUpdatable = false; if (_tenantSharing == SharingCapabilities.Disabled) { Console.WriteLine("Sharing is currently disabled in your tenant! I am unable to work on it."); } else { if (shareSettings == SharingCapabilities.Disabled) { _isUpdatable = true; } else if (shareSettings == SharingCapabilities.ExternalUserSharingOnly) { _isUpdatable = true; } else if (shareSettings == SharingCapabilities.ExternalUserAndGuestSharing) { if (_tenantSharing == SharingCapabilities.ExternalUserAndGuestSharing) { _isUpdatable = true; } else { Console.WriteLine("ExternalUserAndGuestSharing is currently disabled in your tenant! I am unable to work on it."); } } } if (_currentShareSettings != shareSettings && _isUpdatable) { _siteprops.SharingCapability = shareSettings; _siteprops.Update(); adminCC.ExecuteQuery(); Console.WriteLine("Set Sharing on site {0} to {1}.", siteCollectionURl, shareSettings); } }
/// <summary> /// Get the external sharing status of a site collection based on both of the site and tenant level setting. /// </summary> /// <param name="siteCapability">The external sharing capability of the site collection</param> /// <param name="tenantCapability">The external sharing capability setting of the current tenant</param> /// <returns></returns> private int IsExternalSharingEnabled(SharingCapabilities siteCapability, SharingCapabilities tenantCapability) { if (tenantCapability == SharingCapabilities.Disabled || siteCapability == SharingCapabilities.Disabled) { return(0); } else if (siteCapability == SharingCapabilities.ExternalUserSharingOnly) { return(1); } else if (tenantCapability == SharingCapabilities.ExternalUserAndGuestSharing && siteCapability == SharingCapabilities.ExternalUserAndGuestSharing) { return(2); } return(0); }
protected void Page_Load(object sender, EventArgs e) { if (!Page.IsPostBack) { using (var ctx = GetAdminContext()) { // get site collections. Tenant tenant = new Tenant(ctx); SPOSitePropertiesEnumerable sites = tenant.GetSiteProperties(0, true); ctx.Load(tenant); ctx.Load(sites); ctx.ExecuteQuery(); SharingCapabilities tenantSharing = tenant.SharingCapability; switch (tenantSharing) { case SharingCapabilities.Disabled: lblStatus.Text = "External sharing is disabled at tenant level."; break; case SharingCapabilities.ExternalUserSharingOnly: lblStatus.Text = "External sharing at tenant level is set only for authenticated users."; break; case SharingCapabilities.ExternalUserAndGuestSharing: lblStatus.Text = "External sharing at tenant level is for authenticated and guest users."; break; default: break; } if (tenantSharing != SharingCapabilities.Disabled) { // List site collections foreach (var item in sites) { sitecollections.Items.Add(new System.Web.UI.WebControls.ListItem(item.Url, item.Url)); } } } } }
public bool IsTenantExternalSharingEnabled() { bool isTenantExternalShaingEnabled = false; string siteCollectionUrl = SPOAdminURL; string message = string.Empty; ClientContext clientContext; try { using (clientContext = GetClientContext(siteCollectionUrl, clientID, clientSecret)) { clientContext.ExecuteQuery(); Tenant currentO365Tenant = new Tenant(clientContext); clientContext.Load(currentO365Tenant, O365t => O365t.SharingCapability); clientContext.ExecuteQuery(); SharingCapabilities _tenantSharing = currentO365Tenant.SharingCapability; if (_tenantSharing == SharingCapabilities.Disabled) { message = "Sharing is currently disabled in our tenant."; isTenantExternalShaingEnabled = false; } else { isTenantExternalShaingEnabled = true; } } } catch (Exception ex) { message = ex.Message; } return(isTenantExternalShaingEnabled); }
/// <summary> /// Sets tenant site Properties /// </summary> /// <param name="tenant">A tenant object pointing to the context of a Tenant Administration site</param> /// <param name="siteFullUrl"></param> /// <param name="title"></param> /// <param name="allowSelfServiceUpgrade"></param> /// <param name="sharingCapability"></param> /// <param name="storageMaximumLevel"></param> /// <param name="storageWarningLevel"></param> /// <param name="userCodeMaximumLevel"></param> /// <param name="userCodeWarningLevel"></param> public static void SetSiteProperties(this Tenant tenant, string siteFullUrl, string title = null, bool? allowSelfServiceUpgrade = null, SharingCapabilities? sharingCapability = null, long? storageMaximumLevel = null, long? storageWarningLevel = null, double? userCodeMaximumLevel = null, double? userCodeWarningLevel = null ) { var siteProps = tenant.GetSitePropertiesByUrl(siteFullUrl, true); tenant.Context.Load(siteProps); tenant.Context.ExecuteQueryRetry(); if (siteProps != null) { if (allowSelfServiceUpgrade != null) siteProps.AllowSelfServiceUpgrade = allowSelfServiceUpgrade.Value; if (sharingCapability != null) siteProps.SharingCapability = sharingCapability.Value; if (storageMaximumLevel != null) siteProps.StorageMaximumLevel = storageMaximumLevel.Value; if (storageWarningLevel != null) siteProps.StorageWarningLevel = storageMaximumLevel.Value; if (userCodeMaximumLevel != null) siteProps.UserCodeMaximumLevel = userCodeMaximumLevel.Value; if (userCodeWarningLevel != null) siteProps.UserCodeWarningLevel = userCodeWarningLevel.Value; if (title != null) siteProps.Title = title; siteProps.Update(); tenant.Context.ExecuteQueryRetry(); } }
/// <summary> /// Sets the Site Collection External Sharing Setting using the SharePoint Tenant API /// </summary> /// <param name="adminCC"></param> /// <param name="siteCollectionURl"></param> /// <param name="shareSettings"></param> public static void SetSiteSharing(ClientContext adminCC, string siteCollectionURl, SharingCapabilities shareSettings) { var _tenantAdmin = new Tenant(adminCC); SiteProperties _siteprops = _tenantAdmin.GetSitePropertiesByUrl(siteCollectionURl, true); adminCC.Load(_tenantAdmin); adminCC.Load(_siteprops); adminCC.ExecuteQuery(); SharingCapabilities _tenantSharing = _tenantAdmin.SharingCapability; var _currentShareSettings = _siteprops.SharingCapability; bool _isUpdatable = false; if(_tenantSharing == SharingCapabilities.Disabled) { Console.WriteLine("Sharing is currently disabled in your tenant! I am unable to work on it."); } else { if(shareSettings == SharingCapabilities.Disabled) { _isUpdatable = true; } else if(shareSettings == SharingCapabilities.ExternalUserSharingOnly) { _isUpdatable = true; } else if (shareSettings == SharingCapabilities.ExternalUserAndGuestSharing) { if (_tenantSharing == SharingCapabilities.ExternalUserAndGuestSharing) { _isUpdatable = true; } else { Console.WriteLine("ExternalUserAndGuestSharing is currently disabled in your tenant! I am unable to work on it."); } } } if (_currentShareSettings != shareSettings && _isUpdatable) { _siteprops.SharingCapability = shareSettings; _siteprops.Update(); adminCC.ExecuteQuery(); Console.WriteLine("Set Sharing on site {0} to {1}.", siteCollectionURl, shareSettings); } }
/// <summary> /// Get the external sharing status of a site collection based on both of the site and tenant level setting. /// </summary> /// <param name="siteCapability">The external sharing capability of the site collection</param> /// <param name="tenantCapability">The external sharing capability setting of the current tenant</param> /// <returns></returns> private int IsExternalSharingEnabled(SharingCapabilities siteCapability, SharingCapabilities tenantCapability) { if (tenantCapability == SharingCapabilities.Disabled || siteCapability == SharingCapabilities.Disabled) return 0; else if (siteCapability == SharingCapabilities.ExternalUserSharingOnly) return 1; else if (tenantCapability == SharingCapabilities.ExternalUserAndGuestSharing && siteCapability == SharingCapabilities.ExternalUserAndGuestSharing) return 2; return 0; }
/// <summary> /// Initializes a new instance of the <see cref="SiteList" /> class. /// </summary> /// <param name="id">id.</param> /// <param name="description">description.</param> /// <param name="title">title.</param> /// <param name="url">url.</param> /// <param name="department">department.</param> /// <param name="policyName">policyName.</param> /// <param name="policyId">policyId.</param> /// <param name="template">template.</param> /// <param name="owner">owner.</param> /// <param name="primaryContact">primaryContact.</param> /// <param name="primaryContactDisplayName">primaryContactDisplayName.</param> /// <param name="secondaryContact">secondaryContact.</param> /// <param name="secondaryContactDisplayName">secondaryContactDisplayName.</param> /// <param name="additionalAdministrators">additionalAdministrators.</param> /// <param name="additionalAdministratorDisplayNames">additionalAdministratorDisplayNames.</param> /// <param name="createdTime">createdTime.</param> /// <param name="status">status.</param> /// <param name="claimStatus">claimStatus.</param> /// <param name="sharing">sharing.</param> /// <param name="storageQuota">storageQuota.</param> /// <param name="storageUsed">storageUsed.</param> /// <param name="inactivityThresholdTime">inactivityThresholdTime.</param> /// <param name="leaseExpirationTime">leaseExpirationTime.</param> /// <param name="permissionRecertificationStatus">permissionRecertificationStatus.</param> /// <param name="metadataRecertificationStatus">metadataRecertificationStatus.</param> /// <param name="ownershipRecertificationStatus">ownershipRecertificationStatus.</param> /// <param name="geoLocation">geoLocation.</param> /// <param name="hub">hub.</param> /// <param name="phase">phase.</param> /// <param name="metadata">metadata.</param> public SiteList(Guid id = default(Guid), string description = default(string), string title = default(string), string url = default(string), string department = default(string), string policyName = default(string), Guid policyId = default(Guid), string template = default(string), string owner = default(string), string primaryContact = default(string), string primaryContactDisplayName = default(string), string secondaryContact = default(string), string secondaryContactDisplayName = default(string), string additionalAdministrators = default(string), string additionalAdministratorDisplayNames = default(string), string createdTime = default(string), SiteStatus status = default(SiteStatus), ClaimStatus claimStatus = default(ClaimStatus), SharingCapabilities sharing = default(SharingCapabilities), long storageQuota = default(long), long storageUsed = default(long), DateTime?inactivityThresholdTime = default(DateTime?), DateTime?leaseExpirationTime = default(DateTime?), RecertificationStatus permissionRecertificationStatus = default(RecertificationStatus), RecertificationStatus metadataRecertificationStatus = default(RecertificationStatus), RecertificationStatus ownershipRecertificationStatus = default(RecertificationStatus), string geoLocation = default(string), string hub = default(string), AutoImportPhase phase = default(AutoImportPhase), List <ReportMetadata> metadata = default(List <ReportMetadata>)) { this.Id = id; this.Description = description; this.Title = title; this.Url = url; this.Department = department; this.PolicyName = policyName; this.PolicyId = policyId; this.Template = template; this.Owner = owner; this.PrimaryContact = primaryContact; this.PrimaryContactDisplayName = primaryContactDisplayName; this.SecondaryContact = secondaryContact; this.SecondaryContactDisplayName = secondaryContactDisplayName; this.AdditionalAdministrators = additionalAdministrators; this.AdditionalAdministratorDisplayNames = additionalAdministratorDisplayNames; this.CreatedTime = createdTime; this.Status = status; this.ClaimStatus = claimStatus; this.Sharing = sharing; this.StorageQuota = storageQuota; this.StorageUsed = storageUsed; this.InactivityThresholdTime = inactivityThresholdTime; this.LeaseExpirationTime = leaseExpirationTime; this.PermissionRecertificationStatus = permissionRecertificationStatus; this.MetadataRecertificationStatus = metadataRecertificationStatus; this.OwnershipRecertificationStatus = ownershipRecertificationStatus; this.GeoLocation = geoLocation; this.Hub = hub; this.Phase = phase; this.Metadata = metadata; }