private void setupWebUserGroup(SPWeb web, string groupName, SPRoleType role, string groupDescription = null)
{
SPGroup group = null;
try
{
group = web.SiteGroups[groupName];
log.addInformation("Existing Group '" + group.Name + "' found. Will attach to site " + web.ServerRelativeUrl.ToString());
}
catch
{
log.addWarning("'" + groupName + "' Group wasn't found. Will be created.");
web.SiteGroups.Add(groupName, web.CurrentUser, web.CurrentUser, groupDescription);
group = web.SiteGroups[groupName];
group.RemoveUser(web.CurrentUser);
}
finally
{
SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(role);
SPRoleAssignment roleAssignment = new SPRoleAssignment(group);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
web.RoleAssignments.Add(roleAssignment);
web.Update();
}
}
private void CreateSubSiteGroup(SPWeb web, string groupName, SPRoleType roleType, string groupDescription)
{
var groupInSite = GroupExistsInSiteCollection(web, groupName);
if (!groupInSite)
{
web.AllowUnsafeUpdates = true;
web.Update();
web.BreakRoleInheritance(false);
SPGroupCollection groups = web.SiteGroups;
//for (int i = 0; i < web.SiteAdministrators.Count; i++)
//{
// SPUser owner = web.SiteAdministrators[i];
// SPMember member = web.SiteAdministrators[i];
//}
SPUser owner = web.SiteAdministrators[0];
SPMember member = web.SiteAdministrators[0];
groups.Add(groupName, member, owner, groupDescription);
SPGroup newSPGroup = groups[groupName];
SPRoleDefinition role = web.RoleDefinitions.GetByType(roleType);
SPRoleAssignment roleAssignment = new SPRoleAssignment(newSPGroup);
roleAssignment.RoleDefinitionBindings.Add(role);
web.RoleAssignments.Add(roleAssignment);
web.Update();
}
}
/// <summary>
/// Da permisos a la carpeta especificada
/// </summary>
/// <param name="name">Ruta de la Carpeta</param>
/// <param name="group">Grupo de Usuarios a los que da permisos</param>
/// <param name="role">Rol de la administrador</param>
/// <returns></returns>
public bool AddPermissionsInFolder(string name, string group, SPRoleType role)
{
try
{
var list = Web.Lists.TryGetList(Name);
if (list == null)
{
return(false);
}
var folderCollection = list.RootFolder.SubFolders[name];
if (!list.HasUniqueRoleAssignments)
{
list.BreakRoleInheritance(false);
}
if (!folderCollection.Item.HasUniqueRoleAssignments)
{
folderCollection.Item.BreakRoleInheritance(false);
}
var oGroup = Web.SiteGroups[group];
var roleAssignment = new SPRoleAssignment(oGroup);
var roleDefinition = Web.RoleDefinitions.GetByType(role);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
folderCollection.Item.RoleAssignments.Add(roleAssignment);
folderCollection.Item.Update();
return(true);
}
catch (Exception exception)
{
Logger.Error(string.Concat("Exceptin Folder", exception.Message));
return(false);
}
}
/// <summary>
/// Adds the principal role to entity part.
/// </summary>
/// <param name="containerTitle">The container title.</param>
/// <param name="guid">The GUID.</param>
/// <param name="partName">Name of the part.</param>
/// <param name="principalName">Name of the principal.</param>
/// <param name="principalType">Type of the principal.</param>
/// <param name="roleName">Name of the role.</param>
/// <returns></returns>
public virtual PrincipalRoleInfo AddPrincipalRoleToEntityPart(string containerTitle, Guid guid, string partName, string principalName, string principalType, string roleName)
{
SPSite site;
var web = GetDocumentStoreWeb(out site);
SPList list;
SPFolder folder;
if (SPDocumentStoreHelper.TryGetFolderFromPath(web, containerTitle, out list, out folder, String.Empty) == false)
{
return(null);
}
SPFile entityPart;
if (SPDocumentStoreHelper.TryGetDocumentStoreEntityPart(list, folder, guid, partName, out entityPart) == false)
{
return(null);
}
SPPrincipal currentPrincipal = PermissionsHelper.GetPrincipal(web, principalName, principalType);
if (currentPrincipal == null)
{
return(null);
}
SPRoleType roleType = PermissionsHelper.GetRoleType(web, roleName);
PermissionsHelper.AddListItemPermissionsForPrincipal(web, entityPart.Item, currentPrincipal, roleType);
return(PermissionsHelper.MapPrincipalRoleInfoFromSPSecurableObject(entityPart.Item, currentPrincipal));
}
/// <summary>Applies the permission for a user.</summary>
/// <param name="user">The user to give the permission to.</param>
/// <param name="roleType">The type of permission.</param>
public void ApplyPermission(SPUser user, SPRoleType roleType)
{
if (assignmentFolder != null)
{
ApplySharePointPermission(assignmentFolder, user, roleType);
}
}
public void AddBuildTeamSecurityGroups_TypeGuest_UpdatesSecurityGroups()
{
// Arrange
const SPRoleType type = SPRoleType.Guest;
var buildTeamPermissions = "1~2~3|1~2~3";
var settingsDictionary = new Dictionary <int, string>()
{
[33] = buildTeamPermissions
};
ShimCoreFunctions.getListSettingStringSPList = (_, __) =>
{
var settings = string.Empty;
for (var index = 0; index <= 50; index++)
{
if (settingsDictionary.ContainsKey(index))
{
settings += $"{settingsDictionary[index]};";
}
else
{
settings += $"{DummyString};";
}
}
return(settings.Replace(";", "\n"));
};
ShimSPRoleDefinition.AllInstances.TypeGet = _ => type;
ShimSPRoleDefinitionBindingCollection.AllInstances.AddSPRoleDefinition = (_, __) =>
{
validations += 1;
};
ShimSecurityUpdate.AllInstances.AddNewItemLvlPermSPListItemSPWebSPRoleAssignment = (_, _1, _2, _3) =>
{
validations += 1;
};
ShimSPGroup.AllInstances.UsersGet = _ => new ShimSPUserCollection();
ShimSPRoleDefinitionCollection.AllInstances.ItemGetString = (_, __) =>
{
validations += 1;
throw new SPException(DummyString);
};
var ganttSettings = new GridGanttSettings(spList);
// Act
privateObject.Invoke(
AddBuildTeamSecurityGroupsMethodName,
publicInstance,
new object[]
{
spWeb.Instance,
ganttSettings,
spListItem.Instance
});
// Assert
validations.ShouldBe(3);
}
public static SPRoleAssignment GetRoleAssignment(SPWeb web, SPPrincipal principal, SPRoleType roleType)
{
SPRoleAssignment roleAssign = new SPRoleAssignment(principal);
SPRoleDefinition roleDef = web.RoleDefinitions.GetByType(roleType);
roleAssign.RoleDefinitionBindings.Add(roleDef);
return roleAssign;
}
public void AddNewItemLvlPerm(SPListItem item, SPWeb oWeb, SPRoleType roleType, SPPrincipal principal)
{
SPRoleDefinition role = oWeb.RoleDefinitions.GetByType(roleType);
SPRoleAssignment assign = new SPRoleAssignment(principal);
assign.RoleDefinitionBindings.Add(role);
item.RoleAssignments.Add(assign);
}
public static void SetPermissions(this SPList list, SPPrincipal principal, SPRoleType roleType)
{
if (list != null)
{
SPRoleDefinition roleDefinition = list.ParentWeb.RoleDefinitions.GetByType(roleType);
SetPermissions(list, principal, roleDefinition);
}
}
public static void SetPermissions(this SPListItem item, SPUser user, SPRoleType roleType)
{
if (item != null)
{
SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType);
SetPermissions(item, (SPPrincipal)user, roleDefinition);
}
}
/// <summary>
/// Grants the permission to specified user or group.
/// </summary>
/// <param name="web">The web.</param>
/// <param name="subject">The subject.</param>
/// <param name="userName">Name of the user.</param>
/// <param name="roleType">Type of the role.</param>
public static void GrantPermission(SPWeb web, SPSecurableObject subject, string userName, SPRoleType roleType)
{
SPPrincipal user = TryGetUser(userName, web);
SPPrincipal principal = user != null ? user : (SPPrincipal)web.SiteGroups[userName];
SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(roleType);
SPRoleAssignment roleAssignment = new SPRoleAssignment(principal);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
subject.RoleAssignments.Add(roleAssignment);
}
public static bool TryGrantPermission(this SPWeb web, string principalName, SPRoleType roleType)
{
bool retVal = false;
SPRoleDefinition roleDef;
if (web.TryGetRoleDefinition(Enum.GetName(typeof(SPRoleType), roleType), out roleDef))
{
retVal = web.TryGrantPermission(principalName, roleDef);
}
return(retVal);
}
public static void AddPermissions(this SPWeb web, SPGroup group, SPRoleType type, bool updateWeb = true)
{
var roleAssignment = new SPRoleAssignment(group);
roleAssignment.RoleDefinitionBindings.Add(web.RoleDefinitions.GetByType(type));
web.RoleAssignments.Add(roleAssignment);
if (updateWeb)
{
web.Update();
}
}
public bool AdicionarPermissao(string urlSite, string nomeGrupo, string nomePermissao)
{
var retorno = false;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPWeb web = new SPSite(SPContext.Current.Site.ID).OpenWeb(String.Concat(@"/", urlSite)))
{
var anterior = web.AllowUnsafeUpdates;
web.AllowUnsafeUpdates = true;
//Criar grupo:
SPGroup group = null;
try
{
group = web.SiteGroups[nomeGrupo];
}
catch (Exception)
{
if (group == null)
{
web.SiteGroups.Add(nomeGrupo, SPContext.Current.Web.CurrentUser, web.Author, "Descrição do Grupo");
group = web.SiteGroups[nomeGrupo];
}
}
// Adicionar permissão:
SPRoleType type = SPRoleType.None;
switch (nomePermissao)
{
case "Contribuição": type = SPRoleType.Contributor; break;
case "Controle Total": type = SPRoleType.Administrator; break;
case "Leitura": type = SPRoleType.Reader; break;
case "Edição": type = SPRoleType.Editor; break;
case "Designer": type = SPRoleType.WebDesigner; break;
}
SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(type);
SPRoleAssignment roleAssignment = new SPRoleAssignment(group);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
web.RoleAssignments.Add(roleAssignment);
web.Update();
web.AllowUnsafeUpdates = !anterior;
retorno = true;
}
});
return(retorno);
}
/// <summary>Sets the correct permissions when the item is collected.</summary>
/// <param name="user">The user to update the folder for.</param>
public void ApplyCollectAssignmentPermissions(SPUser user)
{
// If the assignment is auto return, the learner will still be able to view the drop box assignment files
// otherwise, learner permissions will be removed from the drop box library & learner's subfolder in the Drop Box document library
SPRoleType learnerPermissions = SPRoleType.Reader;
if (assignmentProperties.AutoReturn == false)
{
learnerPermissions = SPRoleType.None;
}
ApplyAssignmentPermission(user, learnerPermissions, SPRoleType.Contributor, true);
}
private void AddGroupToParentWeb(SPWeb web, string groupName, SPRoleType roleType)
{
SPUserCollection users = web.AllUsers;
SPGroup group = web.SiteGroups.GetByName(groupName);
if (group != null)
{
SPRoleDefinition role = web.RoleDefinitions.GetByType(roleType);
SPRoleAssignment roleAssignment = new SPRoleAssignment(group);
roleAssignment.RoleDefinitionBindings.Add(role);
web.RoleAssignments.Add(roleAssignment);
web.Update();
}
}
internal static SPRoleDefinition SetRoleDefinitionOrder(SPWeb rootWeb, SPRoleType roleType, int order)
{
SPRoleDefinition byType = null;
try
{
byType = rootWeb.RoleDefinitions.GetByType(roleType);
byType.Order = order;
byType.Update();
}
catch (Exception ex)
{
SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
}
return(byType);
}
public static void AddPermissions(this SPList list, string spGroupName, SPRoleType type, bool updateItem = true)
{
var group = list.ParentWeb.TryGetGroup(spGroupName);
if (group == null)
{
throw new ArgumentException($"Unable to find SP group with name '{spGroupName}'");
}
var roleAssignment = new SPRoleAssignment(group);
roleAssignment.RoleDefinitionBindings.Add(list.ParentWeb.RoleDefinitions.GetByType(type));
list.RoleAssignments.Add(roleAssignment);
if (updateItem)
{
list.Update();
}
}
/// <summary>Applies permissions to the learner folder and creates it if required.</summary>
/// <param name="user">The learner to create the folder for.</param>
/// <param name="learnerPermissions">The permissions to set.</param>
/// <param name="instructorPermissions">The instructor permissions to set.</param>
/// <param name="removeObserverPermissions">Whether to remove observer permissions or not.</param>
void ApplyAssignmentPermission(SPUser user, SPRoleType learnerPermissions, SPRoleType instructorPermissions, bool removeObserverPermissions)
{
SPSecurity.RunWithElevatedPrivileges(delegate
{
using (SPSite spSite = new SPSite(assignmentProperties.SPSiteGuid))
{
using (SPWeb spWeb = spSite.OpenWeb(assignmentProperties.SPWebGuid))
{
DropBox dropBox = new DropBox(store, spWeb);
AssignmentFolder assignmentFolder = dropBox.GetAssignmentFolder(assignmentProperties);
if (assignmentFolder != null)
{
// Get the learner sub folder
AssignmentFolder learnerSubFolder = assignmentFolder.FindLearnerFolder(user);
if (learnerSubFolder == null)
{
learnerSubFolder = assignmentFolder.CreateLearnerAssignmentFolder(user);
}
// Apply learner permissions
learnerSubFolder.RemovePermissions(user);
if (learnerPermissions != SPRoleType.None)
{
learnerSubFolder.ApplyPermission(user, learnerPermissions);
}
// Apply instructor permissions
foreach (SlkUser instructor in assignmentProperties.Instructors)
{
learnerSubFolder.RemovePermissions(instructor.SPUser);
learnerSubFolder.ApplyPermission(instructor.SPUser, instructorPermissions);
}
if (removeObserverPermissions)
{
learnerSubFolder.RemoveObserverPermission();
}
}
}
}
});
}
/// <summary>
/// Create SharePoint grou
/// </summary>
/// <param name="web"></param>
/// <param name="groupName">SharePoint group name</param>
/// <param name="permissionLevel">Type of Permission</param>
/// <returns></returns>
public static bool CreateGroup(this SPWeb web, string groupName, SPRoleType permissionLevel)
{
try
{
var owner = web.SiteAdministrators[0];
var member = web.SiteAdministrators[0];
var groups = web.SiteGroups;
groups.Add(groupName, member, owner, string.Empty);
var newSPGroup = groups[groupName];
var role = web.RoleDefinitions.GetByType(permissionLevel);
var roleAssignment = new SPRoleAssignment(newSPGroup);
roleAssignment.RoleDefinitionBindings.Add(role);
web.RoleAssignments.Add(roleAssignment);
web.Update();
return true;
}
catch (Exception exception)
{
Logger.Error(string.Concat("Error Create ", exception.Message));
return false;
}
}
/// <summary>
/// Create SharePoint grou
/// </summary>
/// <param name="web"></param>
/// <param name="groupName">SharePoint group name</param>
/// <param name="permissionLevel">Type of Permission</param>
/// <returns></returns>
public static bool CreateGroup(this SPWeb web, string groupName, SPRoleType permissionLevel)
{
try
{
var owner = web.SiteAdministrators[0];
var member = web.SiteAdministrators[0];
var groups = web.SiteGroups;
groups.Add(groupName, member, owner, string.Empty);
var newSPGroup = groups[groupName];
var role = web.RoleDefinitions.GetByType(permissionLevel);
var roleAssignment = new SPRoleAssignment(newSPGroup);
roleAssignment.RoleDefinitionBindings.Add(role);
web.RoleAssignments.Add(roleAssignment);
web.Update();
return true;
}
catch (Exception exception)
{
Logger.Error(string.Concat("Error Create ", exception.Message));
return false;
}
}
public void RemoveRole(SPSecurableObject target, SPPrincipal principal, SPRoleType roleType)
{
if (roleType == SPRoleType.None)
{
throw new ArgumentException("Removing custom RoleDefinitions is not supported.");
}
var assignment = target.RoleAssignments.Cast <SPRoleAssignment>().FirstOrDefault(x => x.Member.ID == principal.ID && x.RoleDefinitionBindings.Cast <SPRoleDefinition>().Any(r => r.Type == roleType));
if (assignment != null)
{
EnsureBrokenRoleInheritance(target);
assignment = target.RoleAssignments.Cast <SPRoleAssignment>().FirstOrDefault(x => x.Member.ID == principal.ID);
foreach (var role in assignment.RoleDefinitionBindings.Cast <SPRoleDefinition>().Where(x => x.Type == roleType).ToArray())
{
assignment.RoleDefinitionBindings.Remove(role);
}
assignment.Update();
}
}
public static void AddExistedGroup(this SPWeb web, string groupName, SPRoleType role)
{
if (string.IsNullOrEmpty(groupName))
{
return;
}
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
web.AssociatedGroups.Add(web.SiteGroups[groupName]);
web.Update();
//Assignment of the roles to the group.
SPRoleAssignment assignment = new SPRoleAssignment(web.SiteGroups[groupName]);
SPRoleDefinition _role = web.RoleDefinitions.GetByType(role);
assignment.RoleDefinitionBindings.Add(_role);
web.RoleAssignments.Add(assignment);
});
}
catch
{ }
}
/// <summary>
/// Da permisos a la carpeta especificada
/// </summary>
/// <param name="name">Ruta de la Carpeta</param>
/// <param name="group">Grupo de Usuarios a los que da permisos</param>
/// <param name="role">Rol de la administrador</param>
/// <returns></returns>
public bool AddPermissionsInFolder(string name, string group, SPRoleType role)
{
try
{
var list = Web.Lists.TryGetList(Name);
if (list == null)
{
return false;
}
var folderCollection = list.RootFolder.SubFolders[name];
if (!list.HasUniqueRoleAssignments)
{
list.BreakRoleInheritance(false);
}
if (!folderCollection.Item.HasUniqueRoleAssignments)
{
folderCollection.Item.BreakRoleInheritance(false);
}
var oGroup = Web.SiteGroups[group];
var roleAssignment = new SPRoleAssignment(oGroup);
var roleDefinition = Web.RoleDefinitions.GetByType(role);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
folderCollection.Item.RoleAssignments.Add(roleAssignment);
folderCollection.Item.Update();
return true;
}
catch (Exception exception)
{
Logger.Error(string.Concat("Exceptin Folder", exception.Message));
return false;
}
}
public static void ApplySharePointPermission(SPWeb web, SPSecurableObject securableObject, SPUser user, SPRoleType roleType)
#endif
{
if (user == null)
{
throw new ArgumentNullException();
}
SPRoleDefinition roleDefinition;
try
{
roleDefinition = web.RoleDefinitions.GetByType(roleType);
}
catch (ArgumentException)
{
SlkCulture culture = new SlkCulture();
throw new SafeToDisplayException(string.Format(culture.Culture, culture.Resources.DropBoxManagerNoRole, roleType));
}
SPRoleAssignment roleAssignment = null;
using (new AllowUnsafeUpdates(web))
{
bool isNewRoleDefintion = true;
if (securableObject.HasUniqueRoleAssignments == false)
{
securableObject.BreakRoleInheritance(false);
roleAssignment = new SPRoleAssignment(user);
}
else
{
try
{
roleAssignment = securableObject.RoleAssignments.GetAssignmentByPrincipal(user);
}
catch (ArgumentException)
{
// No role assignments for user
}
if (roleAssignment == null)
{
roleAssignment = new SPRoleAssignment(user);
}
else
{
isNewRoleDefintion = false;
bool needsRoleAdding = true;
foreach (SPRoleDefinition iterator in roleAssignment.RoleDefinitionBindings)
{
if (iterator.Id == roleDefinition.Id)
{
needsRoleAdding = false;
break;
}
}
if (needsRoleAdding)
{
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
roleAssignment.Update();
}
}
}
if (isNewRoleDefintion)
{
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
#if SP2007
securableObject.RoleAssignments.Add(roleAssignment);
#else
securableObject.RoleAssignments.AddToCurrentScopeOnly(roleAssignment);
#endif
}
}
}
public static SPGroup AddGroup(SPWeb web, string groupNameFormatString, string descriptionFormatString, SPRoleType roleType, string ownerNameFormatString)
{
web.SiteGroups.Add(string.Format(groupNameFormatString, web.Title), web.CurrentUser, web.CurrentUser, string.Format(descriptionFormatString, web.Name));
SPGroup group = web.SiteGroups[string.Format(groupNameFormatString, web.Title)];
try
{
SPGroup owner = web.SiteGroups[string.Format(ownerNameFormatString, web.Title)];
group.Owner = owner;
}
catch { }
if (descriptionFormatString.IndexOf("{0}") != -1)
{
SPListItem item = web.SiteUserInfoList.GetItemById(group.ID);
item["Notes"] = string.Format(descriptionFormatString, string.Format("<a href=\"{0}\">{1}</a>", web.Url, web.Name));
item.Update();
}
SPRoleAssignment roleAssignment = new SPRoleAssignment(group);
roleAssignment.RoleDefinitionBindings.Add(web.RoleDefinitions.GetByType(roleType));
web.RoleAssignments.Add(roleAssignment);
switch (roleType)
{
case SPRoleType.Administrator:
group.AllowMembersEditMembership = false;
group.OnlyAllowMembersViewMembership = true;
group.AllowRequestToJoinLeave = false;
group.AutoAcceptRequestToJoinLeave = false;
web.AssociatedOwnerGroup = group;
break;
case SPRoleType.Contributor:
group.AllowMembersEditMembership = false;
group.AllowRequestToJoinLeave = false;
group.AutoAcceptRequestToJoinLeave = false;
group.OnlyAllowMembersViewMembership = false;
web.AssociatedMemberGroup = group;
break;
case SPRoleType.Reader:
group.AllowMembersEditMembership = false;
group.OnlyAllowMembersViewMembership = true;
group.AllowRequestToJoinLeave = false;
group.AutoAcceptRequestToJoinLeave = false;
web.AssociatedVisitorGroup = group;
break;
}
group.Update();
web.Update();
return(group);
}
public static void SetPermissions(this SPList list, IEnumerable <SPPrincipal> principals, SPRoleType roleType)
{
if (list != null)
{
foreach (SPPrincipal principal in principals)
{
SPRoleDefinition roleDefinition = list.ParentWeb.RoleDefinitions.GetByType(roleType);
SetPermissions(list, principal, roleDefinition);
}
}
}
internal static void AddRole(SPWeb web, SPSecurableObject target, SPPrincipal principal, SPRoleType roleType)
{
if (roleType == SPRoleType.None)
{
throw new ArgumentException("Adding custom RoleDefinitions is not supported.");
}
var roleToAdd = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(x => x.Type == roleType);
if (roleToAdd != null)
{
EnsureBrokenRoleInheritance(target);
var assignments = target.RoleAssignments.Cast<SPRoleAssignment>().FirstOrDefault(x => x.Member.ID == principal.ID);
if (assignments == null)
{
assignments = new SPRoleAssignment(principal);
assignments.RoleDefinitionBindings.Add(roleToAdd);
target.RoleAssignments.Add(assignments);
}
else
{
assignments.RoleDefinitionBindings.Add(roleToAdd);
assignments.Update();
}
}
else
{
throw new ArgumentException("No RoleDefinition found for type " + roleType);
}
}
/// <summary>
/// Grants list level permissions to a target sharepoint on the HTS site.
/// </summary>
/// <param name="spTargetGroup">Represents an instance of a HTS security group.</param>
/// <param name="spAssignRoleType">Represents an instance of a target HTS role type.</param>
/// <param name="spTargetList">Represents an instance of the target list where we grant the security group permission to.</param>
private static void GrantGroupListLevelPermisisons(SPGroup spTargetGroup, SPRoleType spAssignRoleType, SPList spTargetList)
{
if (spTargetList.HasUniqueRoleAssignments == false)
{
spTargetList.BreakRoleInheritance(true);
}
/* Remove the user from the role assignment. */
spTargetList.RoleAssignments.Remove(spTargetGroup);
SPRoleAssignment roleAssign = new SPRoleAssignment(spTargetGroup);
SPRoleDefinition roleDef = spTargetList.ParentWeb.RoleDefinitions.GetByType(spAssignRoleType);
roleAssign.RoleDefinitionBindings.Add(roleDef);
spTargetList.RoleAssignments.Add(roleAssign);
}
public void AddBuildTeamSecurityGroups_TypeNotGuest_UpdatesSecurityGroups()
{
// Arrange
const SPRoleType type = SPRoleType.Administrator;
var buildTeamPermissions = "1~2~3|1~2~3";
var methodHit = 0;
var settingsDictionary = new Dictionary <int, string>()
{
[33] = buildTeamPermissions
};
ShimCoreFunctions.getListSettingStringSPList = (_, __) =>
{
var settings = string.Empty;
for (var index = 0; index <= 50; index++)
{
if (settingsDictionary.ContainsKey(index))
{
settings += $"{settingsDictionary[index]};";
}
else
{
settings += $"{DummyString};";
}
}
return(settings.Replace(";", "\n"));
};
ShimSPRoleDefinition.AllInstances.TypeGet = _ => type;
ShimSPRoleDefinitionBindingCollection.AllInstances.AddSPRoleDefinition = (_, __) =>
{
validations += 1;
};
ShimSecurityUpdate.AllInstances.AddNewItemLvlPermSPListItemSPWebSPRoleAssignment = (_, _1, _2, _3) =>
{
validations += 1;
};
ShimSPGroup.AllInstances.UsersGet = _ => new ShimSPUserCollection();
ShimSPBaseCollection.AllInstances.GetEnumerator = _ =>
{
methodHit += 1;
if (methodHit.Equals(One))
{
var roleAssignments = new List <SPRoleAssignment>()
{
new ShimSPRoleAssignment()
{
MemberGet = () => new ShimSPGroup()
{
NameGet = () => "Owner",
AddUserSPUser = __ =>
{
validations += 1;
},
Update = () =>
{
validations += 1;
}
}.Instance
}
}.GetEnumerator();
return(roleAssignments);
}
var users = new List <SPUser>()
{
}.GetEnumerator();
return(users);
};
var ganttSettings = new GridGanttSettings(spList);
// Act
privateObject.Invoke(
AddBuildTeamSecurityGroupsMethodName,
publicInstance,
new object[]
{
spWeb.Instance,
ganttSettings,
spListItem.Instance
});
// Assert
validations.ShouldBe(3);
}
public void AddRole(SPListItem listItem, SPPrincipal principal, SPRoleType roleType)
{
AddRole(listItem.Web, listItem, principal, roleType);
}
/// <summary>
/// Grants permissions to a group for a specific site.
/// </summary>
/// <param name="spGroup">Represents a SharePoint group</param>
/// <param name="sPRoleType">Represents the permission to grant to the target group.</param>
/// <param name="spWeb">Represents an instance of the Homework Tracking Site as a SPWeb object.</param>
private static void GrantGroupSiteLevelPermissions(SPGroup spTargetGroup, SPRoleType sPRoleType, SPWeb spWeb)
{
if (!spWeb.IsRootWeb)
{
if (spWeb.HasUniqueRoleAssignments == false)
{
spWeb.BreakRoleInheritance(true);
}
/* Adding the School Administration group. */
spWeb.RoleAssignments.Remove(spTargetGroup);
SPRoleAssignment roleAssign = new SPRoleAssignment(spTargetGroup);
SPRoleDefinition roleDef = spWeb.RoleDefinitions.GetByType(sPRoleType);
roleAssign.RoleDefinitionBindings.Add(roleDef);
spWeb.RoleAssignments.Add(roleAssign);
}
}
public static void AddPermissionsForUser(this SPListItem listItem, SPUser user, SPRoleType type, bool updateItem = true)
{
var roleAssignment = new SPRoleAssignment(user);
roleAssignment.RoleDefinitionBindings.Add(listItem.Web.RoleDefinitions.GetByType(type));
listItem.RoleAssignments.Add(roleAssignment);
if (updateItem)
{
listItem.SystemUpdate();
}
}
public void AddRole(SPWeb web, SPPrincipal principal, SPRoleType roleType)
{
AddRole(web, web, principal, roleType);
}
private static void CreateGroup(SPWeb curWeb, SPMember groupOwner, SPUser defaultUser, string groupName, string strDesc, SPRoleType _SPRoleType)
{
curWeb.SiteGroups.Add(groupName, groupOwner, defaultUser, strDesc);
curWeb.Update();
//Set group to a unique permission
SPGroup group = curWeb.SiteGroups[groupName];
SPRoleAssignment spRoleAssignment = new SPRoleAssignment(group);
SPRoleDefinition roleDefinition = curWeb.RoleDefinitions.GetByType(_SPRoleType);
spRoleAssignment.RoleDefinitionBindings.Add(roleDefinition);
curWeb.RoleAssignments.Add(spRoleAssignment);
curWeb.Update();
}
public static void AddPermissionsForUser(this SPList list, string adLogonName, SPRoleType type, bool updateItem = true)
{
var adUser = list.ParentWeb.EnsureUser(adLogonName);
var roleAssignment = new SPRoleAssignment(adUser);
roleAssignment.RoleDefinitionBindings.Add(list.ParentWeb.RoleDefinitions.GetByType(type));
list.RoleAssignments.Add(roleAssignment);
if (updateItem)
{
list.Update();
}
}
/// <summary>Assigns a permission to a securable object.</summary>
/// <param name="web">The SPWeb containing the object.</param>
/// <param name="securableObject">The securable object.</param>
/// <param name="user">The user to assign permissions.</param>
/// <param name="roleType">The type of permission to add.</param>
#if SP2007
public static void ApplySharePointPermission(SPWeb web, ISecurableObject securableObject, SPUser user, SPRoleType roleType)
/// <summary>
/// Verifies if the target SharePoint group was granted permissions at the site level.
/// </summary>
/// <param name="spWeb">Represents an instance of the Homework Tracking Site as a SPWeb object.</param>
/// <param name="spRoleType">Represents the permission to check </param>
/// <param name="spTargetGroup">Represents an instance of the target SharePoint group.</param>
/// <returns>True/Fase if group was granted permissions or not.</returns>
private static bool CheckSiteLevelPermissions(SPWeb spWeb, SPRoleType spRoleType, SPPrincipal spTargetGroup)
{
bool SiteLevelUser = false;
foreach (SPRoleAssignment roleAssignment in spWeb.RoleAssignments)
{
if (roleAssignment.Member.Name == spTargetGroup.Name)
{
SiteLevelUser = true;
//SPRoleDefinition currentRoleDef = spWeb.RoleDefinitions.GetByType(spRoleType);
//SPRoleDefinitionBindingCollection spRoleDefs = roleAssignment.RoleDefinitionBindings;
//foreach (SPRoleDefinition spRoleDef in spRoleDefs)
//{
// if (spRoleDef == currentRoleDef)
// {
// SiteLevelUser = true;
// }
//}
}
}
return SiteLevelUser;
}
public SPRoleDefinition GetRoleDefinitionByRoleType(SPWeb web, SPRoleType roleType)
{
return web.RoleDefinitions.Cast<SPRoleDefinition>().First(x => x.Type == roleType);
}
public static bool TryGrantPermission(this SPListItem item, SPPrincipal principal, SPRoleType roleType)
{
return(item.TryGrantPermission(principal, item.Web.RoleDefinitions.GetByType(roleType)));
}
public void RemoveRole(SPSecurableObject target, SPPrincipal principal, SPRoleType roleType)
{
if (roleType == SPRoleType.None)
{
throw new ArgumentException("Removing custom RoleDefinitions is not supported.");
}
var assignment = target.RoleAssignments.Cast<SPRoleAssignment>().FirstOrDefault(x => x.Member.ID == principal.ID && x.RoleDefinitionBindings.Cast<SPRoleDefinition>().Any(r => r.Type == roleType));
if (assignment != null)
{
EnsureBrokenRoleInheritance(target);
assignment = target.RoleAssignments.Cast<SPRoleAssignment>().FirstOrDefault(x => x.Member.ID == principal.ID);
foreach (var role in assignment.RoleDefinitionBindings.Cast<SPRoleDefinition>().Where(x => x.Type == roleType).ToArray())
{
assignment.RoleDefinitionBindings.Remove(role);
}
assignment.Update();
}
}
private static bool CheckListLevelPermissions(SPList spTargetList, SPRoleType spAssignRoleType, SPGroup spTargetGroup)
{
bool ListLevelPermissionsExists = false;
foreach (SPRoleAssignment roleAssignment in spTargetList.RoleAssignments)
{
if (roleAssignment.Member.Name == spTargetGroup.Name)
{
SPRoleDefinition currentRoleDef = spTargetList.ParentWeb.RoleDefinitions.GetByType(spAssignRoleType);
SPRoleDefinitionBindingCollection spRoleDefs = roleAssignment.RoleDefinitionBindings;
foreach (SPRoleDefinition spRoleDef in spRoleDefs)
{
if (spRoleDef == currentRoleDef)
{
ListLevelPermissionsExists = true;
}
}
}
}
return ListLevelPermissionsExists;
}
public void AddRole(SPList list, SPPrincipal principal, SPRoleType roleType)
{
AddRole(list.ParentWeb, list, principal, roleType);
}
public static void AssignPermissions(this SPSecurableObject securableObject, SPPrincipal principal, SPRoleType roleType, bool replaceAllDefinitions = false, bool copyRoleAssignments = false, bool clearSubscopes = true)
{
SPWeb web = principal.ParentWeb;
SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(roleType);
AssignPermissions(securableObject, principal, roleDefinition, replaceAllDefinitions, copyRoleAssignments, clearSubscopes);
}
public static bool AddGroupRole(SPList list, string groupName, SPRoleType role)
{
bool res = false;
try
{
SPGroupCollection groups = list.ParentWeb.SiteGroups;
foreach (SPGroup gr in groups)
{
if (gr.Name == groupName) return true;
}
SPGroup group = GroupManager.CreateGroup(list.ParentWeb, groupName);
if (group == null) return res;
SPRoleAssignment roleAssignmentAdmin = new SPRoleAssignment((SPPrincipal)group);
SPRoleDefinition roleAdmin = list.ParentWeb.RoleDefinitions.GetByType(role);
roleAssignmentAdmin.RoleDefinitionBindings.Add(roleAdmin);
list.RoleAssignments.Add(roleAssignmentAdmin);
list.Update();
res = true;
}
catch (Exception ex)
{
UlsLogging.LogError("AddGroupRole(SPList list, string groupName, SPRoleType role). Message: {0}, StackTrace: {1}", ex.Message, ex.StackTrace);
}
return res;
}
/// <summary>
/// Add group to SPWeb and set permission for this group
/// </summary>
/// <param name="web"></param>
/// <param name="groupName"></param>
/// <param name="groupDescription"></param>
/// <param name="role"></param>
/// <param name="member"></param>
public static void CreateNewGroup(this SPWeb web, string groupName, string groupDescription, SPRoleType role)
{
if (string.IsNullOrEmpty(groupName))
{
return;
}
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite spSite = new SPSite(web.Site.ID))
{
using (SPWeb spWeb = spSite.OpenWeb(web.ID))
{
SPUserCollection users = spWeb.AllUsers;
SPUser owner = users[spWeb.Author.LoginName];
SPMember member = users[spWeb.Author.LoginName];
//Add the group to the SPWeb web
SPGroupCollection groups = spWeb.SiteGroups;
var isExits = groups.Cast <SPGroup>().FirstOrDefault(p => p.Name == groupName);
if (isExits == null)
{
groups.Add(groupName, member, owner, groupDescription);
}
//Associate the group with SPWeb
//spWeb.AssociatedGroups.Add(spWeb.SiteGroups[groupName]);
spWeb.Update();
//Assignment of the roles to the group.
SPRoleAssignment assignment = new SPRoleAssignment(spWeb.SiteGroups[groupName]);
SPRoleDefinition _role = spWeb.RoleDefinitions.GetByType(role);
assignment.RoleDefinitionBindings.Add(_role);
spWeb.RoleAssignments.Add(assignment);
}
}
});
}
catch
{
// Not catch exception because check group exists
}
}
