protected SPGroup create_group(string group_name, SPWeb web)
{
SPUser user = web.EnsureUser("Administrator");
web.SiteGroups.Add(group_name, user, null, group_name);
SPGroup group = web.SiteGroups[group_name];
web.Update();
SPRoleAssignment assignment = new SPRoleAssignment(group);
SPRoleDefinition role = web.RoleDefinitions["读取"];
assignment.RoleDefinitionBindings.Add(role);
web.RoleAssignments.Add(assignment);
return group;
}
public static void CreateSubSiteGroup(SPWeb web, string groupName, string PermissionLevel, string groupDescription)
{
try
{
web.AllowUnsafeUpdates = true;
SPUserCollection users = web.AllUsers;
SPUser owner = web.SiteAdministrators[0];
SPMember member = web.SiteAdministrators[0];
SPGroupCollection groups = web.SiteGroups;
groups.Add(groupName, member, owner, groupDescription);
SPGroup newSPGroup = groups[groupName];
newSPGroup.OnlyAllowMembersViewMembership = false;
newSPGroup.Update();
SPRoleDefinition role = web.RoleDefinitions[PermissionLevel];
SPRoleAssignment roleAssignment = new SPRoleAssignment(newSPGroup);
roleAssignment.RoleDefinitionBindings.Add(role);
web.RoleAssignments.Add(roleAssignment);
web.Update();
web.AllowUnsafeUpdates = false;
}
catch (Exception ex)
{
ULSLogger.LogErrorInULS(ex.Message, TraceSeverity.Unexpected);
}
}
/// <summary>
/// Creates one or more role assignments for a given user on a given SharePoint Web site.
/// </summary>
///
/// <param name="loginName">The login name, e.g. "MyDomain\SlkLearner123". If the login name
/// starts with ".\", it's assumed to be a local machine account.</param>
///
/// <param name="permissions">A comma-separated list of permission names to use for the role
/// assignments, "Contribute,SLK Instructor".</param>
///
/// <param name="webSiteUrl">The URL of the Web site.</param>
///
static void GrantUserAccess(string loginName, string permissions, string webSiteUrl)
{
Console.WriteLine("Giving \"{0}\" permission(s) \"{1}\" on \"{2}\"", loginName,
permissions, webSiteUrl);
using (SPSite spSite = new SPSite(webSiteUrl))
{
using (SPWeb spWeb = spSite.OpenWeb())
{
if (loginName.StartsWith(@".\"))
{
loginName = String.Format(@"{0}\{1}", spSite.HostName, loginName.Substring(2));
}
SPUser spUser = spWeb.SiteUsers[loginName];
foreach (string substring in permissions.Split(','))
{
string permission = substring.Trim();
SPRoleAssignment roleAssignment = new SPRoleAssignment(spUser);
SPRoleDefinition roleDefinition;
try
{
roleDefinition = spWeb.RoleDefinitions[permission];
}
catch (SPException)
{
throw new Exception(String.Format(
"Cannot access permission \"{0}\"", permission));
}
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
spWeb.RoleAssignments.Add(roleAssignment);
}
}
}
}
public static void ClearRights(SPListItem item)
{
SPWeb web = item.Web;
bool allowUnsafeUpdates = web.AllowUnsafeUpdates;
web.AllowUnsafeUpdates = true;
if (!item.HasUniqueRoleAssignments)
{
item.BreakRoleInheritance(false);
if (web.AssociatedOwnerGroup != null)
{
var roleAssignment = new SPRoleAssignment(web.AssociatedOwnerGroup);
SPRoleDefinition byType = web.RoleDefinitions.GetByType(SPRoleType.Administrator);
roleAssignment.RoleDefinitionBindings.Add(byType);
item.RoleAssignments.Add(roleAssignment);
}
}
else
{
const int num = 0x3fffffff;
int num2 = (web.AssociatedOwnerGroup != null) ? web.AssociatedOwnerGroup.ID : -1;
for (int i = item.RoleAssignments.Count - 1; i >= 0; i--)
{
int iD = item.RoleAssignments[i].Member.ID;
if ((iD != num) && (iD != num2))
{
item.RoleAssignments.Remove(i);
}
}
}
web.AllowUnsafeUpdates = allowUnsafeUpdates;
}
private void CreateConfigurationList(SPWeb web)
{
SPList configurationList = web.Lists.TryGetList(Resource.ConfigurationList);
if (configurationList == null)
{
Guid configurationListGuid = web.Lists.Add(Resource.ConfigurationList, Resource.ConfigurationListDesc, SPListTemplateType.GenericList);
configurationList = web.Lists[configurationListGuid];
configurationList.Fields.Add("Property", SPFieldType.Text, true);
configurationList.Fields.Add("Setting", SPFieldType.Text, true);
configurationList.EnableVersioning = true;
// Only system admins should be able to edit this, but everybody needs to view it
configurationList.BreakRoleInheritance(false);
SPPrincipal group = web.SiteGroups["Guidewire Owners"];
if (group != null)
{
SPRoleAssignment roleAssignment = new SPRoleAssignment(group);
SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(SPRoleType.Administrator);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
configurationList.RoleAssignments.Add(roleAssignment);
}
configurationList.Update();
Configuration.AddDefaultConfigurationValue(web, Resource.ConfigGWWsUserName, "GWSharePointIntegration");
Configuration.AddDefaultConfigurationValue(web, Resource.ConfigGWWsPassword, "gw");
Configuration.AddDefaultConfigurationValue(web, Resource.ConfigGWWsEndpoint, "http://manclredev02:8080/cc/ws/riverstone/webservice/document/trg_UpdateMetadataAPI");
}
}
/// <summary>
/// Adds a user to specified roles on the website
/// </summary>
/// <param name="SiteWeb">site to which the user will be assigned</param>
/// <param name="SiteUser">user to be added. Make sure its Roles collection contains some roles otherwise the user will not be added.</param>
private void AddSiteUser(CS4User siteUser)
{
string siteUrl = System.String.Empty;
SPSite site = null;
SPWeb siteWeb = null;
SPUser spUser = null;
foreach (CS4User.UserPermission userPermission in siteUser.UserRoles)
{
if (siteUrl != userPermission.WebUrl)
{
siteUrl = userPermission.WebUrl;
site = new SPSite(siteUrl);
siteWeb = site.OpenWeb();
try
{
spUser = siteWeb.SiteUsers[siteUser.UserLoginWithDomain];
}
catch
{
//user has not been added to this site yet
siteWeb.Users.Add(siteUser.UserLoginWithDomain, siteUser.Email, siteUser.UserName, "");
spUser = siteWeb.SiteUsers[siteUser.UserLoginWithDomain];
}
}
//siteWeb.Roles[userPermission.Role].AddUser(siteUser.UserLoginWithDomain, siteUser.Email, siteUser.UserName, "");
SPRoleAssignment roleAssignment = new SPRoleAssignment(spUser);
SPRoleDefinition roleDefinition = siteWeb.RoleDefinitions[userPermission.Role];
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
siteWeb.RoleAssignments.Add(roleAssignment);
}
}
private void setupWebUserGroup(SPWeb web, string groupName, SPRoleType role, string groupDescription = null)
{
SPGroup group = null;
try
{
group = web.SiteGroups[groupName];
log.addInformation("Existing Group '" + group.Name + "' found. Will attach to site " + web.ServerRelativeUrl.ToString());
}
catch
{
log.addWarning("'" + groupName + "' Group wasn't found. Will be created.");
web.SiteGroups.Add(groupName, web.CurrentUser, web.CurrentUser, groupDescription);
group = web.SiteGroups[groupName];
group.RemoveUser(web.CurrentUser);
}
finally
{
SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(role);
SPRoleAssignment roleAssignment = new SPRoleAssignment(group);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
web.RoleAssignments.Add(roleAssignment);
web.Update();
}
}
private void AssignRoles(SPWeb web, SPListItem item, SPRoleDefinition roleDef)
{
foreach (string principalName in Principals)
{
SPPrincipalInfo principalInfo = SPUtility.ResolvePrincipal(web.Site.WebApplication, null, principalName,
SPPrincipalType.All, SPPrincipalSource.All, false);
if (principalInfo != null)
{
SPRoleAssignment roleAssign = new SPRoleAssignment(principalInfo.LoginName, principalInfo.Email,
principalInfo.DisplayName, "");
roleAssign.RoleDefinitionBindings.Add(roleDef);
item.RoleAssignments.Add(roleAssign);
}
else
{
try
{
SPPrincipal group = web.SiteGroups[principalName];
SPRoleAssignment roleAssign = new SPRoleAssignment(group);
roleAssign.RoleDefinitionBindings.Add(roleDef);
item.RoleAssignments.Add(roleAssign);
}
catch (Exception ex)
{
SPRoleAssignment roleAssign = new SPRoleAssignment(principalName, "", "", "");
roleAssign.RoleDefinitionBindings.Add(roleDef);
item.RoleAssignments.Add(roleAssign);
}
}
}
}
public override void ItemUpdated(SPItemEventProperties properties)
{
SPListItem item1 = properties.ListItem;
var delemans = item1["Delegates"].AsString();
if (delemans.AsString().IsNullOrWhitespace())
{
return;
}
char[] split = { '#' };
string[] deles = delemans.Split(split);
List<SPPrincipal> principals = new List<SPPrincipal>();
for (int i = 0; i < deles.Length; i++)
{
if (deles[i].IsNullOrWhitespace())
{
continue;
}
principals.Add(item1.Web.Users[deles[i]]);
}
if (principals.Count > 0)
{
SPSecurity.RunWithElevatedPrivileges(delegate
{
using (SPSite site = new SPSite(properties.SiteId))
{
using (SPWeb web = site.OpenWeb("WorkFlowCenter"))
{
try
{
SPListItem item = web.Lists["Travel Request Workflow2"].GetItemById(item1.ID);
if (!item.HasUniqueRoleAssignments)
{
item.BreakRoleInheritance(true);
}
SPRoleDefinition AdminRoleDefinition = web.RoleDefinitions.GetByType(SPRoleType.Administrator);
SPRoleDefinition GuestRoleDefinition = web.RoleDefinitions.GetByType(SPRoleType.Guest);
foreach (SPPrincipal principal in principals)
{
SPRoleAssignment RoleAssignment = new SPRoleAssignment(principal);
RoleAssignment.RoleDefinitionBindings.Add(AdminRoleDefinition);
RoleAssignment.RoleDefinitionBindings.Remove(GuestRoleDefinition);
item.RoleAssignments.Remove(principal);
item.RoleAssignments.Add(RoleAssignment);
}
item["Delegates"] = string.Empty;
base.DisableEventFiring();
item.Update();
base.EnableEventFiring();
}
catch (Exception ex)
{
//TO-DO
}
}
}
});
}
}
public Hashtable CreateGroup(SPUserCodeWorkflowContext context, string groupName, string siteUrl, string owner, string description, string permissions)
{
Hashtable result = new Hashtable();
SPSite site = null;
SPWeb web = null;
try
{
if (String.IsNullOrEmpty(siteUrl))
{
siteUrl = context.CurrentWebUrl;
}
site = new SPSite(siteUrl);
web = site.OpenWeb();
var ownerUser = web.EnsureUser(owner);
web.SiteGroups.Add(groupName, ownerUser, null, description);
var group = web.SiteGroups.OfType <SPGroup>().Where(gn => gn.Name == groupName).First();
if (!String.IsNullOrEmpty(permissions))
{
StringReader permReader = new StringReader(permissions);
var roleAssignment = new SPRoleAssignment(group);
string perm;
while ((perm = permReader.ReadLine()) != null)
{
var roleDef = web.RoleDefinitions[perm];
roleAssignment.RoleDefinitionBindings.Add(roleDef);
}
web.RoleAssignments.Add(roleAssignment);
}
result["error"] = String.Empty;
}
catch (Exception ex)
{
result["error"] = ex.Message;
}
finally
{
if (web != null)
{
web.Dispose();
}
if (site != null)
{
site.Dispose();
}
}
return(result);
}
/// <summary>
/// Adds the specified user to the specified role for the specified list. Breaks Role Inheritance on the List Item if it hasn't already been broken.
/// </summary>
/// <param name="sourceWeb"></param>
/// <param name="list"></param>
/// <param name="principal"></param>
/// <param name="roleTypeValue"></param>
public static void AddListPermissionsForPrincipal(SPWeb sourceWeb, SPList list, SPPrincipal principal, SPRoleType roleTypeValue)
{
if (principal == null)
{
throw new ArgumentNullException("principal");
}
SPRoleAssignment roleAssignment = new SPRoleAssignment(principal);
SPRoleDefinition roleDefinition = sourceWeb.RoleDefinitions.GetByType(roleTypeValue);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
sourceWeb.AllowUnsafeUpdates = true;
try
{
if (!list.HasUniqueRoleAssignments)
{
list.BreakRoleInheritance(true);
}
sourceWeb.AllowUnsafeUpdates = true;
list.RoleAssignments.Add(roleAssignment);
list.Update();
}
finally
{
sourceWeb.AllowUnsafeUpdates = false;
}
}
internal static void AddRole(SPWeb web, SPSecurableObject target, SPPrincipal principal, string roleDefinitionName)
{
var roleToAdd = web.RoleDefinitions.Cast <SPRoleDefinition>().FirstOrDefault(x => x.Name == roleDefinitionName);
if (roleToAdd != null)
{
EnsureBrokenRoleInheritance(target);
var assignments = target.RoleAssignments.Cast <SPRoleAssignment>().FirstOrDefault(x => x.Member.ID == principal.ID);
if (assignments == null)
{
assignments = new SPRoleAssignment(principal);
assignments.RoleDefinitionBindings.Add(roleToAdd);
target.RoleAssignments.Add(assignments);
}
else
{
assignments.RoleDefinitionBindings.Add(roleToAdd);
assignments.Update();
}
}
else
{
throw new ArgumentException("No RoleDefinition found for the name " + roleDefinitionName);
}
}
internal void SetPermissions(SPWeb web)
{
try
{
var list = web.GetList("UserPhotos");
var allUsers = web.EnsureUser("NT AUTHORITY\\authenticated users");
var roleAssignment = new SPRoleAssignment(allUsers);
var readerRole = web.RoleDefinitions.GetByType(SPRoleType.Reader);
roleAssignment.RoleDefinitionBindings.Add(readerRole);
if (!list.HasUniqueRoleAssignments)
{
list.BreakRoleInheritance(true);
}
list.RoleAssignments.Add(roleAssignment);
list.Update();
}
catch (Exception ex)
{
FoundationSync.LogMessage(1003, FoundationSync.LogCategories.FoundationSync,
TraceSeverity.Unexpected,
string.Format("Unable to set permissions on UserPhotos list. " +
"Add Authenticated Users with Read rights manually. {0}",
ex.InnerException), null);
}
}
public static int GetDelegateCount(SPPrincipal principal, SPWeb web, SPListItem ListItem)
{
int permissionCount = 0;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
try
{
if (principal != null)
{
using (SPSite site = new SPSite(web.Site.ID))
{
using (SPWeb _web = site.OpenWeb(web.ServerRelativeUrl))
{
SPListItem _listitem = _web.Lists[ListItem.ParentList.ID].GetItemById(ListItem.ID);
_web.AllowUnsafeUpdates = true;
SPRoleAssignment role = _listitem.RoleAssignments.GetAssignmentByPrincipal(principal);
permissionCount = role.RoleDefinitionBindings.Count;
}
}
}
else
{
}
}
catch (Exception ex)
{
}
});
return(permissionCount);
}
/// <summary>
/// 给Item授权
/// </summary>
/// <param name="principal"></param>
/// <param name="web"></param>
/// <param name="ListItem"></param>
/// <param name="DelegateName"></param>
public static void DelegateForListItem(SPPrincipal principal, SPWeb web, SPListItem ListItem, string DelegateName)
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
try
{
using (SPSite site = new SPSite(web.Site.ID))
{
using (SPWeb _web = site.OpenWeb(web.ServerRelativeUrl))
{
SPListItem _listitem = _web.Lists[ListItem.ParentList.ID].GetItemById(ListItem.ID);
_web.AllowUnsafeUpdates = true;
SPRoleAssignment sra = new SPRoleAssignment(principal);
SPRoleDefinition srd = _web.RoleDefinitions[DelegateName];
sra.RoleDefinitionBindings.Add(srd);
_listitem.BreakRoleInheritance(true, false);
_listitem.RoleAssignments.Add(sra);
_listitem.Update();
}
}
}
catch (Exception ex)
{
}
});
}
public static void AddPermissionsToItem(SPWeb web, SPListItem item, Dictionary <SPPrincipal, string[]> assignments)
{
if (!item.HasUniqueRoleAssignments)
{
item.BreakRoleInheritance(false);
}
while (item.RoleAssignments.Count > 0)
{
item.RoleAssignments.Remove(0);
}
foreach (SPPrincipal principal in assignments.Keys)
{
foreach (string itemAssignment in assignments[principal])
{
SPRoleDefinition roleDef = GetPermissionLevel(web, itemAssignment);
if (roleDef == null)
{
continue;
}
SPRoleAssignment roleAssignment = new SPRoleAssignment(principal);
roleAssignment.RoleDefinitionBindings.Add(roleDef);
item.RoleAssignments.Add(roleAssignment);
}
}
//item.Update();
}
/// <summary>
/// Da permisos a la carpeta especificada
/// </summary>
/// <param name="name">Ruta de la Carpeta</param>
/// <param name="group">Grupo de Usuarios a los que da permisos</param>
/// <param name="role">Rol de la administrador</param>
/// <returns></returns>
public bool AddPermissionsInFolder(string name, string group, SPRoleType role)
{
try
{
var list = Web.Lists.TryGetList(Name);
if (list == null)
{
return(false);
}
var folderCollection = list.RootFolder.SubFolders[name];
if (!list.HasUniqueRoleAssignments)
{
list.BreakRoleInheritance(false);
}
if (!folderCollection.Item.HasUniqueRoleAssignments)
{
folderCollection.Item.BreakRoleInheritance(false);
}
var oGroup = Web.SiteGroups[group];
var roleAssignment = new SPRoleAssignment(oGroup);
var roleDefinition = Web.RoleDefinitions.GetByType(role);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
folderCollection.Item.RoleAssignments.Add(roleAssignment);
folderCollection.Item.Update();
return(true);
}
catch (Exception exception)
{
Logger.Error(string.Concat("Exceptin Folder", exception.Message));
return(false);
}
}
/// <summary>
/// This method should be used instead of BreakRoleInheritance(true).
///
/// The OOTB method replicates all permissions from the parent, including the "Limited Access" permissions.
/// In environments with many users, there can be many of these meaningless permissions, which bloats the
/// SharePoint permission tables in SQL. This method reviews all RoleDefinitions in each principal's
/// RoleAssignments, stripping "Limited Access", before adding them to the item.
/// </summary>
/// <param name="item"></param>
public static void BreakCopyRoleInheritance(this SPListItem item)
{
SPRoleAssignmentCollection roleAssignments = item.RoleAssignments;
var activeAssignments = from SPRoleAssignment p in roleAssignments
where p.RoleDefinitionBindings.Count >= 1
select p;
item.BreakRoleInheritance(false);
foreach (SPRoleAssignment p in activeAssignments)
{
SPRoleAssignment assignment = new SPRoleAssignment(p.Member);
SPRoleDefinitionBindingCollection bindings = new SPRoleDefinitionBindingCollection();
foreach (SPRoleDefinition roleDef in p.RoleDefinitionBindings)
{
if (roleDef.Name != "Limited Access")
{
bindings.Add(roleDef);
}
}
if (bindings.Count > 0)
{
assignment.ImportRoleDefinitionBindings(bindings);
item.RoleAssignments.Add(assignment);
}
}
}
public static void SetReadOnly(SPListItem item, int userId)
{
SPWeb web = item.Web;
bool allowUnsafeUpdates = web.AllowUnsafeUpdates;
web.AllowUnsafeUpdates = true;
if (!item.HasUniqueRoleAssignments)
{
item.BreakRoleInheritance(true);
}
web.AllowUnsafeUpdates = true;
SPRoleAssignmentCollection roleAssignments = item.RoleAssignments;
for (int i = roleAssignments.Count - 1; i > -1; i--)
{
SPRoleAssignment assignment = roleAssignments[i];
if (assignment.Member.ID == userId)
{
SPRoleDefinitionBindingCollection roleDefinitionBindings = assignment.RoleDefinitionBindings;
if ((roleDefinitionBindings.Count != 1) || (roleDefinitionBindings[0].Type != SPRoleType.Reader))
{
roleDefinitionBindings.RemoveAll();
SPRoleDefinition byType = web.RoleDefinitions.GetByType(SPRoleType.Reader);
roleDefinitionBindings.Add(byType);
assignment.Update();
}
break;
}
}
web.AllowUnsafeUpdates = allowUnsafeUpdates;
}
/// <summary>
/// Removes the specified role from the specified principal's role assignments. This method will not
/// break role inheritance, and instead will return False.
/// </summary>
/// <param name="item">the effected list item</param>
/// <param name="principal">the principal whose permissions will be modified</param>
/// <param name="roleDef">the role to remove from the principal's role assignments. If null, all permissions are removed</param>
/// <returns>True if the role is successfully removed, otherwise false</returns>
public static bool TryRemovePermission(this SPListItem item, SPPrincipal principal, SPRoleDefinition roleDef)
{
bool retVal = true;
if (principal == null || item.HasUniqueRoleAssignments == false)
{
retVal = false;
}
else
{
try
{
SPRoleAssignment roleAssignment = item.RoleAssignments.GetAssignmentByPrincipal(principal);
if (roleAssignment != null)
{
item.RoleAssignments.Remove(principal);
if (roleDef != null && roleAssignment.RoleDefinitionBindings.Contains(roleDef))
{
roleAssignment.RoleDefinitionBindings.Remove(roleDef);
if (roleAssignment.RoleDefinitionBindings.Count > 0)
{
item.RoleAssignments.Add(roleAssignment);
}
}
}
}
catch (ArgumentOutOfRangeException) { }
catch (ArgumentException) { }
}
return(retVal);
}
private void AddCustomPermissions(SPListItem myItem, SPWeb web)
{
// Give Contribute to the author
SPRoleDefinition roledefinition = web.RoleDefinitions.GetByType(SPRoleType.Contributor);
SPRoleAssignment roleAssignment = new SPRoleAssignment(GetSPUser(myItem, "Author"));
roleAssignment.RoleDefinitionBindings.Add(roledefinition);
myItem.RoleAssignments.Add(roleAssignment);
// Give Read to anyone that the item has been shared with
if (myItem["SharedWith"] != null)
{
SPFieldUserValueCollection values = (SPFieldUserValueCollection)myItem["SharedWith"];
foreach (SPFieldUserValue value in values)
{
// Get a user from the key
var sharedUser = value.User;
// Change our role definition to Read
roledefinition = web.RoleDefinitions.GetByType(SPRoleType.Reader);
// Change our role assignment to the new user
roleAssignment = new SPRoleAssignment(sharedUser);
// Bind the new role
roleAssignment.RoleDefinitionBindings.Add(roledefinition);
myItem.RoleAssignments.Add(roleAssignment);
}
}
}
public static void SetReadOnly(SPListItem item)
{
SPWeb web = item.Web;
bool allowUnsafeUpdates = web.AllowUnsafeUpdates;
web.AllowUnsafeUpdates = true;
if (!item.HasUniqueRoleAssignments)
{
item.BreakRoleInheritance(true);
}
web.AllowUnsafeUpdates = true;
SPRoleAssignmentCollection roleAssignments = item.RoleAssignments;
int iD = web.Site.SystemAccount.ID;
int num2 = (web.AssociatedOwnerGroup != null) ? web.AssociatedOwnerGroup.ID : -1;
for (int i = roleAssignments.Count - 1; i > -1; i--)
{
SPRoleAssignment assignment = roleAssignments[i];
int num4 = assignment.Member.ID;
if ((num4 != iD) && (num4 != num2))
{
SPRoleDefinitionBindingCollection roleDefinitionBindings = assignment.RoleDefinitionBindings;
if ((roleDefinitionBindings.Count != 1) || (roleDefinitionBindings[0].Type != SPRoleType.Reader))
{
roleDefinitionBindings.RemoveAll();
SPRoleDefinition byType = web.RoleDefinitions.GetByType(SPRoleType.Reader);
roleDefinitionBindings.Add(byType);
assignment.Update();
}
}
}
web.AllowUnsafeUpdates = allowUnsafeUpdates;
}
private void SetGroupPermissions(SPWeb web, SPGroup group)
{
SetBaseLinePermissions(web, group);
string roleName = "";
switch (Role)
{
case "owner":
roleName = "Full Control";
break;
case "member":
roleName = "Contribute";
break;
default:
roleName = "Read";
break;
}
SPRoleAssignment assignment = new SPRoleAssignment(group);
SPRoleDefinition role = web.RoleDefinitions[roleName];
assignment.RoleDefinitionBindings.Add(role);
web.RoleAssignments.Add(assignment);
}
public override void FeatureActivated(SPFeatureReceiverProperties properties)
{
SPWeb web = (SPWeb)properties.Feature.Parent;
SPMember owner = web.SiteAdministrators[0];
SPUser user = (SPUser)owner;
if (!GroupExistsInSite(web, "Riverstone TFS Default Members"))
{
web.SiteGroups.Add("Riverstone TFS Default Members", owner, user, "This group contains the Riverstone Active Directory groups that have access to TFS portal sites by default.");
}
SPGroup defaultGroup = web.SiteGroups["Riverstone TFS Default Members"];
defaultGroup.OnlyAllowMembersViewMembership = false;
defaultGroup.Update();
SPRoleAssignment roleAssignment = new SPRoleAssignment(defaultGroup);
SPRoleDefinition contributeDefinition = web.RoleDefinitions["Contribute"];
roleAssignment.RoleDefinitionBindings.Add(contributeDefinition);
if (!GroupExistsInWeb(web, "Riverstone TFS Default Members"))
{
web.RoleAssignments.Add(roleAssignment);
}
AddUserToGroup(defaultGroup, "trg\\biudatasmes");
AddUserToGroup(defaultGroup, "trg\\biuoperations");
AddUserToGroup(defaultGroup, "trg\\biureporting");
AddUserToGroup(defaultGroup, "trg\\dataarchitect");
AddUserToGroup(defaultGroup, "trg\\developer");
AddUserToGroup(defaultGroup, "trg\\enterprisearchitect");
AddUserToGroup(defaultGroup, "trg\\pmuba");
AddUserToGroup(defaultGroup, "trg\\pmupm");
AddUserToGroup(defaultGroup, "trg\\tfsadministrator");
AddUserToGroup(defaultGroup, "trg\\OpsManagement");
}
private void CreateSubSiteGroup(SPWeb web, string groupName, SPRoleType roleType, string groupDescription)
{
var groupInSite = GroupExistsInSiteCollection(web, groupName);
if (!groupInSite)
{
web.AllowUnsafeUpdates = true;
web.Update();
web.BreakRoleInheritance(false);
SPGroupCollection groups = web.SiteGroups;
//for (int i = 0; i < web.SiteAdministrators.Count; i++)
//{
// SPUser owner = web.SiteAdministrators[i];
// SPMember member = web.SiteAdministrators[i];
//}
SPUser owner = web.SiteAdministrators[0];
SPMember member = web.SiteAdministrators[0];
groups.Add(groupName, member, owner, groupDescription);
SPGroup newSPGroup = groups[groupName];
SPRoleDefinition role = web.RoleDefinitions.GetByType(roleType);
SPRoleAssignment roleAssignment = new SPRoleAssignment(newSPGroup);
roleAssignment.RoleDefinitionBindings.Add(role);
web.RoleAssignments.Add(roleAssignment);
web.Update();
}
}
public static void CreateGroup(SPWeb web)
{
DeleteGroup(web);
try
{
web.SiteGroups.Add(Language.SMUGroupName, web.AssociatedOwnerGroup, null, Language.SMUGroupDescription);
SPGroup grp = web.SiteGroups.Cast <SPGroup>().FirstOrDefault(p => p.Name == Language.SMUGroupName);
if (grp == null)
{
throw new Exception(Language.GroupCreateError);
}
if (!web.HasUniqueRoleAssignments)
{
throw new Exception(Language.WebInheritsAssignments);
}
SPRoleAssignment ass = new SPRoleAssignment(grp);
SPRoleDefinition def = web.RoleDefinitions[Language.SMUPermissionName];
ass.RoleDefinitionBindings.Add(def);
web.RoleAssignments.Add(ass);
web.Update();
}
catch (Exception ex)
{
DeleteGroup(web);
WriteException(ex);
throw ex;
}
}
private void AddPermissionsProd(SPListItem item, SPPrincipal principal, SPRoleDefinition roleDefinition)
{
SPRoleAssignment ra = new SPRoleAssignment(principal);
ra.RoleDefinitionBindings.Add(roleDefinition);
item.RoleAssignments.Add(ra);
}
public static bool SetUserPermission(this SPListItem item, string userName, string permissionLevel)
{
var isSet = false;
try
{
item.Web.AllowUnsafeUpdates = true;
if (!item.HasUniqueRoleAssignments)
{
item.BreakRoleInheritance(false, false);
}
item.Update();
item.Web.Update();
var roleAssignment = new SPRoleAssignment(item.Web.AllUsers[userName]);
roleAssignment.RoleDefinitionBindings.Add(item.Web.RoleDefinitions[permissionLevel]);
item.RoleAssignments.Add(roleAssignment);
item.Update();
item.ParentList.Update();
item.Web.Update();
isSet = true;
}
catch (Exception ex)
{
Log.Error(ex);
throw new Exception($"SharePointCore: Error on {nameof(SetUserPermission)}", ex);
}
return(isSet);
}
private bool UpdateUserPermissions(SPWeb web, SPRoleAssignmentCollection roleAssignments, XmlNodeList principalUserNodes)
{
bool dirty = false;
foreach (XmlNode principalUserNode in principalUserNodes)
{
string loginName = principalUserNode.Attributes["login"].Value;
string userName = principalUserNode.Attributes["name"].Value;
try
{
SPClaimProviderManager cpm = SPClaimProviderManager.Local;
SPClaim userClaim = cpm.ConvertIdentifierToClaim(loginName, SPIdentifierTypes.WindowsSamAccountName);
SPUser user = web.EnsureUser(userClaim.ToEncodedString());
if (user == null)
{
throw new Exception();
}
SPPrincipal userPrincipal = (SPPrincipal)user;
try
{
SPRoleAssignment roleAssignment = roleAssignments.GetAssignmentByPrincipal(userPrincipal);
if (roleAssignment == null)
{
throw new Exception();
}
UpdatePrincipal(web, principalUserNode,
string.Format("{0,20}, '{1,15}'", userName, loginName),
roleAssignment);
}
catch
{
output.Append(string.Format("permissins missing for user: {0,20} with login: {1,15}, adding new..." + Environment.NewLine, userName, loginName));
SPRoleAssignment roleAssignmentNew = new SPRoleAssignment(userPrincipal);
XmlNodeList roleNodes = principalUserNode.SelectNodes("role");
foreach (XmlNode roleNode in roleNodes)
{
string roleName = roleNode.Attributes["name"].Value;
if (roleName.ToLower().Equals("limited access"))
{
roleName = "Limited User";
}
SPRoleDefinition role = web.RoleDefinitions[roleName];
roleAssignmentNew.RoleDefinitionBindings.Add(role);
}
roleAssignments.Add(roleAssignmentNew);
output.Append("completed" + Environment.NewLine);
dirty = true;
}
}
catch { output.Append(string.Format("user not found: {0,20} with login: {1,15}" + Environment.NewLine, userName, loginName)); }
}
return(dirty);
}
private static void SetFolderPermissions(SPWeb web, string folderName, string memGrpName, string visGrpName, string blackbeltGroupName, string greenbeltGroupName, SPFolder fldr)
{
try
{
SPRoleDefinition pwcContribute = web.RoleDefinitions["PWC Contribute"];
SPRoleDefinition read = web.RoleDefinitions["Read"];
SPRoleDefinition viewOnly = web.RoleDefinitions["View Only"];
SPRoleDefinition pwcBronzeAdmin = web.RoleDefinitions["PWC Bronze Admin"];
SPRoleDefinition fullControl = web.RoleDefinitions["Full Control"];
SPGroup newMemGroup = web.SiteGroups[memGrpName];
SPGroup newVisGroup = web.SiteGroups[visGrpName];
SPGroup BBGroup = web.SiteGroups[blackbeltGroupName];
SPGroup GBGroup = web.SiteGroups[greenbeltGroupName];
SPListItem li = fldr.Item;
if (li.Name.Equals(folderName))
{
li.BreakRoleInheritance(false);
while (li.RoleAssignments.Count > 0)
{
li.RoleAssignments.Remove(0);
}
SPRoleAssignment spRoleAssignMemGrp = new SPRoleAssignment(newMemGroup);
spRoleAssignMemGrp.RoleDefinitionBindings.Add(pwcContribute);
li.RoleAssignments.Add(spRoleAssignMemGrp);
SPRoleAssignment spRoleAssignVisGrp = new SPRoleAssignment(newVisGroup);
spRoleAssignVisGrp.RoleDefinitionBindings.Add(read);
li.RoleAssignments.Add(spRoleAssignVisGrp);
SPRoleAssignment spRoleAssignBBGroup = new SPRoleAssignment(BBGroup);
spRoleAssignBBGroup.RoleDefinitionBindings.Add(read);
li.RoleAssignments.Add(spRoleAssignBBGroup);
SPRoleAssignment spRoleAssignGBGroup = new SPRoleAssignment(GBGroup);
spRoleAssignGBGroup.RoleDefinitionBindings.Add(read);
li.RoleAssignments.Add(spRoleAssignGBGroup);
//SPRoleAssignment spRoleAssignBronzeAdminGrp = new SPRoleAssignment(bronzeAdminGroup);
//spRoleAssignBronzeAdminGrp.RoleDefinitionBindings.Add(pwcBronzeAdmin);
//spRoleAssignBronzeAdminGrp.RoleDefinitionBindings.Add(pwcContribute);
// li.RoleAssignments.Add(spRoleAssignBronzeAdminGrp);
//SPRoleAssignment spRoleAssignOwnerGrp = new SPRoleAssignment(ownerGroup);
//spRoleAssignOwnerGrp.RoleDefinitionBindings.Add(fullControl);
// li.RoleAssignments.Add(spRoleAssignOwnerGrp);
}
}
catch (Exception e)
{
e.Message.ToString();
// ULSLogger.LogErrorInULS("Inside catch in setFolderPermissions() in PWC Secure Folder Feature---" + e.Message);
}
}
public static SPRoleAssignment GetRoleAssignment(SPWeb web, SPPrincipal principal, SPRoleType roleType)
{
SPRoleAssignment roleAssign = new SPRoleAssignment(principal);
SPRoleDefinition roleDef = web.RoleDefinitions.GetByType(roleType);
roleAssign.RoleDefinitionBindings.Add(roleDef);
return roleAssign;
}
public void For(SPPrincipal principal)
{
var assignment = new SPRoleAssignment(principal);
assignment.RoleDefinitionBindings.Add(web.RoleDefinitions[roleDefinitionName]);
roleAssignments.Add(assignment);
}
public void AddNewItemLvlPerm(SPListItem item, SPWeb oWeb, SPRoleType roleType, SPPrincipal principal)
{
SPRoleDefinition role = oWeb.RoleDefinitions.GetByType(roleType);
SPRoleAssignment assign = new SPRoleAssignment(principal);
assign.RoleDefinitionBindings.Add(role);
item.RoleAssignments.Add(assign);
}
/// <summary>
/// Grants the permission to specified user or group.
/// </summary>
/// <param name="web">The web.</param>
/// <param name="subject">The subject.</param>
/// <param name="userName">Name of the user.</param>
/// <param name="roleType">Type of the role.</param>
public static void GrantPermission(SPWeb web, SPSecurableObject subject, string userName, SPRoleType roleType)
{
SPPrincipal user = TryGetUser(userName, web);
SPPrincipal principal = user != null ? user : (SPPrincipal)web.SiteGroups[userName];
SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(roleType);
SPRoleAssignment roleAssignment = new SPRoleAssignment(principal);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
subject.RoleAssignments.Add(roleAssignment);
}
public static void AssignPermissions(this SPSecurableObject securableObject, SPPrincipal principal, SPRoleDefinition roleDefinition, bool replaceAllDefinitions = false, bool copyRoleAssignments = false, bool clearSubscopes = true)
{
if (securableObject is SPWeb)
{
if (!securableObject.HasUniqueRoleAssignments)
{
securableObject.BreakRoleInheritance(copyRoleAssignments, clearSubscopes);
}
}
else
{
securableObject.BreakRoleInheritance(copyRoleAssignments, clearSubscopes);
}
SPRoleAssignment roleAssignment = GetAssignment(securableObject, principal);
if (roleAssignment != null)
{
if (replaceAllDefinitions)
{
roleAssignment.RoleDefinitionBindings.RemoveAll();
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
}
else
{
if (!roleAssignment.RoleDefinitionBindings.Contains(roleDefinition))
{
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
}
}
try
{
roleAssignment.Update();
}
catch (ArgumentException)
{
//Note: fix for 'Cannot update a permission level assignment that is not part of a permission level assignment collection.'
securableObject.RoleAssignments.Add(roleAssignment);
}
}
else
{
roleAssignment = new SPRoleAssignment(principal);
if (!roleAssignment.RoleDefinitionBindings.Contains(roleDefinition))
{
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
}
securableObject.RoleAssignments.Add(roleAssignment);
}
}
public SPDGServerRoleAssignment(SPDGPrincipal member)
: base(member, new List<SPDGRoleDefinition>())
{
if (member is SPDGServerUser)
{
_roleAssignment = new SPRoleAssignment(((SPDGServerUser) member).SPUser);
}
else
{
_roleAssignment = new SPRoleAssignment(((SPDGServerGroup) member).Group);
}
}
/// <summary>
/// Add role assignment for the principal into web
/// </summary>
/// <param name="web"></param>
/// <param name="principal"></param>
/// <param name="permissionLevel"></param>
public static void AddRoleAssignment(SPWeb web, SPPrincipal principal, string permissionLevel)
{
var roleDefinition = GetRoleDefinition(web, permissionLevel);
if (roleDefinition == null)
{
throw new ArgumentNullException(permissionLevel);
}
var roleAssignment = new SPRoleAssignment(principal);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
web.RoleAssignments.Add(roleAssignment);
}
/// <summary>
/// An item was added.
/// </summary>
public override void ItemAdded(SPItemEventProperties properties)
{
try
{
SPList spList = properties.List;
if (spList.Title.Equals("MSA Schedule"))
{
SPFieldUrlValue spFieldURL = new SPFieldUrlValue();
spFieldURL.Url = "/sites/ffl/Pages/MSA.aspx?SID=" + properties.ListItemId;
spFieldURL.Description = "Please click here";
SPListItem spListItem = properties.ListItem;
spListItem["MSAFormLink"] = spFieldURL;
SPGroup spGroup = properties.Web.SiteGroups["HSE-FFL"];
SPRoleDefinition spRole = properties.Web.RoleDefinitions["Contribute"];
SPRoleAssignment roleAssignment = new SPRoleAssignment(spGroup);
roleAssignment.RoleDefinitionBindings.Add(spRole);
if (Convert.ToString(spListItem["FFLEmailAddress"]) != null)
{
SPUser spUSer = properties.Web.SiteUsers.GetByEmail(Convert.ToString(spListItem["FFLEmailAddress"]));
SPRoleDefinition spRole1 = properties.Web.RoleDefinitions["Read"];
SPRoleAssignment roleAssignment1 = new SPRoleAssignment(spUSer);
roleAssignment1.RoleDefinitionBindings.Add(spRole1);
spListItem.BreakRoleInheritance(false);
spListItem.RoleAssignments.Add(roleAssignment);
spListItem.RoleAssignments.Add(roleAssignment1);
}
spListItem.Update();
}
else
{
properties.Status = SPEventReceiverStatus.CancelNoError;
}
}
catch (Exception ex)
{
SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory("MSAEventReceiver", TraceSeverity.Unexpected, EventSeverity.Error), TraceSeverity.Unexpected, ex.Message, ex.StackTrace);
}
finally
{
base.ItemAdded(properties);
}
}
private void ProcessSPGroupHost(SPGroup modelHost, SPGroup securityGroup, SecurityRoleLinkDefinition securityRoleLinkModel)
{
// TODO
// need common validation infrastructure
var web = securityGroup.ParentWeb;
var securityRoleAssignment = new SPRoleAssignment(securityGroup);
var roleDefinition = web.RoleDefinitions[securityRoleLinkModel.SecurityRoleName];
if (!securityRoleAssignment.RoleDefinitionBindings.Contains(roleDefinition))
{
InvokeOnModelEvent(this, new ModelEventArgs
{
CurrentModelNode = null,
Model = null,
EventType = ModelEventType.OnProvisioning,
Object = null,
ObjectType = typeof(SPRoleDefinition),
ObjectDefinition = securityRoleLinkModel,
ModelHost = modelHost
});
securityRoleAssignment.RoleDefinitionBindings.Add(roleDefinition);
}
else
{
InvokeOnModelEvent(this, new ModelEventArgs
{
CurrentModelNode = null,
Model = null,
EventType = ModelEventType.OnProvisioning,
Object = roleDefinition,
ObjectType = typeof(SPRoleDefinition),
ObjectDefinition = securityRoleLinkModel,
ModelHost = modelHost
});
}
InvokeOnModelEvent(this, new ModelEventArgs
{
CurrentModelNode = null,
Model = null,
EventType = ModelEventType.OnProvisioned,
Object = roleDefinition,
ObjectType = typeof(SPRoleDefinition),
ObjectDefinition = securityRoleLinkModel,
ModelHost = modelHost
});
web.RoleAssignments.Add(securityRoleAssignment);
web.Update();
}
protected void bind_role(SPListItem item, SPPrincipal principal, SPRoleDefinition definition)
{
try
{
SPRoleAssignment assignment = new SPRoleAssignment(principal);
assignment.RoleDefinitionBindings.Add(definition);
item.RoleAssignments.Add(assignment);
}
catch (Exception ex)
{
throw ex;
}
}
protected void btnGrantPermssion_Click(object sender, EventArgs e)
{
SPPrincipal principal = web.SiteUsers[ddUsers.SelectedValue];
SPFolderCollection submissions = web.Lists[ddDocLibs.SelectedValue].RootFolder.SubFolders;
SPFolder newFolder = submissions.Add(folderName.Text);
SPListItem folderItem = newFolder.Item;
folderItem.BreakRoleInheritance(false);
folderItem.Update();
SPRoleAssignment folderRoleAssignment = new SPRoleAssignment(principal);
folderRoleAssignment.RoleDefinitionBindings.Add(web.RoleDefinitions[ddPermissionsLevels.SelectedValue]);
folderItem.RoleAssignments.Add(folderRoleAssignment);
}
protected override void DeployModelInternal(object modelHost, DefinitionBase model)
{
var securableObject = modelHost.WithAssertAndCast<SPSecurableObject>("modelHost", value => value.RequireNotNull());
var securityGroupLinkModel = model.WithAssertAndCast<SecurityGroupLinkDefinition>("model", value => value.RequireNotNull());
var web = GetWebFromSPSecurableObject(securableObject);
var securityGroup = web.SiteGroups[securityGroupLinkModel.SecurityGroupName];
var roleAssignment = new SPRoleAssignment(securityGroup);
// default one, it will be removed later
var dummyRole = web.RoleDefinitions.GetByType(SPRoleType.Reader);
if (!roleAssignment.RoleDefinitionBindings.Contains(dummyRole))
roleAssignment.RoleDefinitionBindings.Add(dummyRole);
// this is has to be decided later - what is the strategy fro breaking role inheritance
if (!securableObject.HasUniqueRoleAssignments)
securableObject.BreakRoleInheritance(false);
InvokeOnModelEvent(this, new ModelEventArgs
{
CurrentModelNode = null,
Model = null,
EventType = ModelEventType.OnProvisioning,
Object = roleAssignment,
ObjectType = typeof(SPRoleAssignment),
ObjectDefinition = model,
ModelHost = modelHost
});
securableObject.RoleAssignments.Add(roleAssignment);
InvokeOnModelEvent(this, new ModelEventArgs
{
CurrentModelNode = null,
Model = null,
EventType = ModelEventType.OnProvisioned,
Object = roleAssignment,
ObjectType = typeof(SPRoleAssignment),
ObjectDefinition = model,
ModelHost = modelHost
});
// GOTCHA!!! supposed to continue chain with adding role definitions via RoleDefinitionLinks
roleAssignment.RoleDefinitionBindings.RemoveAll();
}
// Uncomment the method below to handle the event raised before a feature is deactivated.
//public override void FeatureDeactivating(SPFeatureReceiverProperties properties)
//{
//}
// Uncomment the method below to handle the event raised after a feature has been installed.
public override void FeatureInstalled(SPFeatureReceiverProperties properties)
{
SPSite site = new SPSite(NewsString.RootSiteUrl);
SPWeb spWeb = site.RootWeb;
spWeb.AllowUnsafeUpdates = true;
SPGroupCollection groupCollection = spWeb.Groups;
if (NewsUtil.IsGroupAlreadyExist(spWeb,NewsString.GroupContribute) == false)
{
spWeb.SiteGroups.Add(NewsString.GroupContribute, spWeb.CurrentUser, spWeb.CurrentUser, string.Empty);
SPGroup group = spWeb.SiteGroups[NewsString.GroupContribute];
SPRoleDefinition roleDefinition = spWeb.RoleDefinitions.GetByType(SPRoleType.Contributor);
SPRoleAssignment roleAssigment = new SPRoleAssignment(group);
roleAssigment.RoleDefinitionBindings.Add(roleDefinition);
spWeb.RoleAssignments.Add(roleAssigment);
spWeb.Update();
}
}
public static void AddRoleAssignment(SPSecurableObject securableObject, SPDGPrincipal principal, IEnumerable<SPDGRoleDefinition> roleDefinitions)
{
SPPrincipal spPrincipal;
if (principal is SPDGServerUser)
{
spPrincipal = ((SPDGServerUser)principal).SPUser;
}
else
{
spPrincipal = ((SPDGServerGroup)principal).Group;
}
SPRoleAssignment roleAss = new SPRoleAssignment(spPrincipal);
foreach (var spdgRoleDefinition in roleDefinitions)
{
var spRoleDef = ((SPDGServerRoleDefinition)spdgRoleDefinition).RoleDefinition;
roleAss.RoleDefinitionBindings.Add(spRoleDef);
}
securableObject.RoleAssignments.Add(roleAss);
}
/// <summary>
/// 为某个SPPrincipal赋于针对某个SPListItem的权限. 权限由rd来决定.
/// </summary>
/// <param name="item">某个需要赋于权限的SPListItem</param>
/// <param name="spPrincipalName">用户登录名称或者是MOSS User Group, 如果是EMail地址, 则略过</param>
/// <param name="rd">需要赋于的权限级别名称</param>
public static void AddRoleAssignmentToListItem(SPListItem item, string spPrincipalName, SPRoleDefinition rd)
{
// 表明这个LoginName是电子邮件地址类型:SmtpAddress
if (spPrincipalName.IndexOf("@") >= 0)
return;
SPRoleAssignment ra = null;
// 如果spPrincipalName里面包含\, 则表示是一个AccountId, 否则是一个SPGroup
if (spPrincipalName.IndexOf("\\") >= 0)
ra = new SPRoleAssignment(spPrincipalName, string.Empty, string.Empty, string.Empty);
else
{
try
{
SPGroup group = item.Web.Groups[spPrincipalName];
if (group != null)
{
ra = new SPRoleAssignment(group);
}
}
catch { }
}
if (ra == null)
return;
SPRoleDefinition rd_temp = null;
// 特别处理的地方:rd在创建并添加到Web.RoleDefinitions之后, 还不能直接使用rd这个变量,可能是复制了一个副本,然后再添加到Collection中去的,所以这里需要从Collection中查找副本, 然后再对其进行引用
// 不可以直接写为: ra.RoleDefinitionBindings.Add(rd) ; 会报错称不能使用Web中未定义的RD
// 这个问题的本质原因在于创建类RoleDefinition之后, 前面拿到的SPWeb不会同步更新, 重新打开SPWeb就可以解决问题
for (int index = 0; index < item.Web.RoleDefinitions.Count; index++)
if (item.Web.RoleDefinitions[index].Name.ToLower() == rd.Name.ToLower())
rd_temp = item.Web.Site.RootWeb.RoleDefinitions[index];
ra.RoleDefinitionBindings.Add(rd_temp);
item.BreakRoleInheritance(false);
item.RoleAssignments.Add(ra);
}
/// <summary>
/// Create SharePoint grou
/// </summary>
/// <param name="web"></param>
/// <param name="groupName">SharePoint group name</param>
/// <param name="permissionLevel">Type of Permission</param>
/// <returns></returns>
public static bool CreateGroup(this SPWeb web, string groupName, SPRoleType permissionLevel)
{
try
{
var owner = web.SiteAdministrators[0];
var member = web.SiteAdministrators[0];
var groups = web.SiteGroups;
groups.Add(groupName, member, owner, string.Empty);
var newSPGroup = groups[groupName];
var role = web.RoleDefinitions.GetByType(permissionLevel);
var roleAssignment = new SPRoleAssignment(newSPGroup);
roleAssignment.RoleDefinitionBindings.Add(role);
web.RoleAssignments.Add(roleAssignment);
web.Update();
return true;
}
catch (Exception exception)
{
Logger.Error(string.Concat("Error Create ", exception.Message));
return false;
}
}
/// <summary>
/// Add Permission in a Site
/// </summary>
/// <param name="group"></param>
/// <param name="role"></param>
/// <returns></returns>
public bool AddPermision(string group, RoleType role)
{
try
{
var oGroup = Web.Site.RootWeb.Groups.GetByName(group);
var roleAssignment = new SPRoleAssignment(oGroup);
var roleDefinition = Web.RoleDefinitions.GetByType((SPRoleType) role);
roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
if (!Web.HasUniqueRoleAssignments)
{
Web.BreakRoleInheritance(false);
}
Web.RoleAssignments.Add(roleAssignment);
Web.Update();
return true;
}
catch (Exception exception)
{
Logger.Error(string.Concat("Error AddPermission :", exception.Message));
return false;
}
}
/// <summary>
/// Sets the object security.
/// </summary>
/// <param name="web">The web.</param>
/// <param name="targetObject">The target object.</param>
/// <param name="itemName">Name of the item.</param>
/// <param name="sourceElement">The source element.</param>
private static void SetObjectSecurity(SPWeb web, SPSecurableObject targetObject, string itemName, XmlElement sourceElement)
{
bool hasUniqueRoleAssignments = bool.Parse(sourceElement.GetAttribute("HasUniqueRoleAssignments"));
if (!hasUniqueRoleAssignments && targetObject.HasUniqueRoleAssignments)
{
Logger.Write("Progress: Setting target object to inherit permissions from parent for \"{0}\".", itemName);
targetObject.ResetRoleInheritance();
return;
}
else if (hasUniqueRoleAssignments && !targetObject.HasUniqueRoleAssignments)
{
Logger.Write("Progress: Breaking target object inheritance from parent for \"{0}\".", itemName);
targetObject.BreakRoleInheritance(false);
}
else if (!hasUniqueRoleAssignments && !targetObject.HasUniqueRoleAssignments)
{
Logger.Write("Progress: Ignoring \"{0}\". Target object and source object both inherit from parent.", itemName);
return; // Both are inheriting so don't change.
}
if (hasUniqueRoleAssignments && targetObject.HasUniqueRoleAssignments)
{
while (targetObject.RoleAssignments.Count > 0)
targetObject.RoleAssignments.Remove(0); // Clear out any existing permissions
}
foreach (XmlElement roleAssignmentElement in sourceElement.SelectNodes("RoleAssignments/RoleAssignment"))
{
string memberName = roleAssignmentElement.GetAttribute("Member");
string userName = null;
if (roleAssignmentElement.HasAttribute("LoginName"))
userName = roleAssignmentElement.GetAttribute("LoginName");
SPRoleAssignment existingRoleAssignment = GetRoleAssignement(web, targetObject, memberName, userName);
if (existingRoleAssignment != null)
{
if (AddRoleDefinitions(web, existingRoleAssignment, roleAssignmentElement))
{
existingRoleAssignment.Update();
Logger.Write("Progress: Updated \"{0}\" at target object \"{1}\".", memberName, itemName);
}
}
else
{
SPPrincipal principal = GetPrincipal(web, memberName, userName);
if (principal == null)
{
Logger.WriteWarning("Progress: Unable to add Role Assignment for \"{0}\" - Member \"{1}\" not found.", itemName, memberName);
continue;
}
SPRoleAssignment newRA = new SPRoleAssignment(principal);
AddRoleDefinitions(web, newRA, roleAssignmentElement);
if (newRA.RoleDefinitionBindings.Count == 0)
{
Logger.WriteWarning("Progress: Unable to add \"{0}\" to target object \"{1}\" (principals with only \"Limited Access\" cannot be added).", memberName, itemName);
continue;
}
Logger.Write("Progress: Adding new Role Assignment \"{0}\".", newRA.Member.Name);
targetObject.RoleAssignments.Add(newRA);
existingRoleAssignment = GetRoleAssignement(targetObject, principal);
if (existingRoleAssignment == null)
{
Logger.WriteWarning("Progress: Unable to add \"{0}\" to target object \"{1}\".", memberName, itemName);
}
else
{
Logger.Write("Progress: Added \"{0}\" to target object \"{1}\".", memberName, itemName);
}
}
}
}
/// <summary>
/// Adds the role definitions.
/// </summary>
/// <param name="web">The web.</param>
/// <param name="roleAssignment">The role assignment.</param>
/// <param name="roleAssignmentElement">The role assignment element.</param>
/// <returns></returns>
private static bool AddRoleDefinitions(SPWeb web, SPRoleAssignment roleAssignment, XmlElement roleAssignmentElement)
{
bool modified = false;
foreach (XmlElement roleDefinitionElement in roleAssignmentElement.SelectNodes("RoleDefinitionBindings/RoleDefinition"))
{
string name = roleDefinitionElement.GetAttribute("Name");
if (name == "Limited Access")
continue;
SPRoleDefinition existingRoleDef = null;
try
{
existingRoleDef = web.RoleDefinitions[name];
}
catch (Exception) { }
if (existingRoleDef == null)
{
Logger.Write("Progress: Adding new Role Definition \"{0}\".", name);
SPBasePermissions perms = SPBasePermissions.EmptyMask;
foreach (string perm in roleDefinitionElement.GetAttribute("BasePermissions").Split(','))
{
perms = perms | (SPBasePermissions)Enum.Parse(typeof(SPBasePermissions), perm, true);
}
existingRoleDef = new SPRoleDefinition();
existingRoleDef.Name = name;
existingRoleDef.BasePermissions = perms;
existingRoleDef.Description = roleDefinitionElement.GetAttribute("Description");
existingRoleDef.Order = int.Parse(roleDefinitionElement.GetAttribute("Order"));
existingRoleDef.Update();
SPWeb tempWeb = web;
while (!tempWeb.HasUniqueRoleDefinitions)
tempWeb = tempWeb.ParentWeb;
tempWeb.RoleDefinitions.Add(existingRoleDef);
}
if (!roleAssignment.RoleDefinitionBindings.Contains(existingRoleDef))
{
roleAssignment.RoleDefinitionBindings.Add(existingRoleDef);
modified = true;
}
}
List<SPRoleDefinition> roleDefsToRemove = new List<SPRoleDefinition>();
foreach (SPRoleDefinition roleDef in roleAssignment.RoleDefinitionBindings)
{
if (roleDef.Name == "Limited Access")
continue;
bool found = false;
foreach (XmlElement roleDefinitionElement in roleAssignmentElement.SelectNodes("RoleDefinitionBindings/RoleDefinition"))
{
if (roleDef.Name == roleDefinitionElement.GetAttribute("Name"))
{
found = true;
break;
}
}
if (!found)
{
roleDefsToRemove.Add(roleDef);
modified = true;
}
}
foreach (SPRoleDefinition roleDef in roleDefsToRemove)
{
Logger.Write("Progress: Removing '{0}' from '{1}'", roleDef.Name, roleAssignment.Member.Name);
roleAssignment.RoleDefinitionBindings.Remove(roleDef);
}
return modified;
}
public SPDGServerRoleAssignment(SPRoleAssignment roleAssignment, SPDGPrincipal member, IEnumerable<SPDGRoleDefinition> roleDefinitionBindings)
: base(member, roleDefinitionBindings)
{
_roleAssignment = roleAssignment;
}
public static bool AddGroupRole(SPList list, string groupName, SPRoleType role)
{
bool res = false;
try
{
SPGroupCollection groups = list.ParentWeb.SiteGroups;
foreach (SPGroup gr in groups)
{
if (gr.Name == groupName) return true;
}
SPGroup group = GroupManager.CreateGroup(list.ParentWeb, groupName);
if (group == null) return res;
SPRoleAssignment roleAssignmentAdmin = new SPRoleAssignment((SPPrincipal)group);
SPRoleDefinition roleAdmin = list.ParentWeb.RoleDefinitions.GetByType(role);
roleAssignmentAdmin.RoleDefinitionBindings.Add(roleAdmin);
list.RoleAssignments.Add(roleAssignmentAdmin);
list.Update();
res = true;
}
catch (Exception ex)
{
UlsLogging.LogError("AddGroupRole(SPList list, string groupName, SPRoleType role). Message: {0}, StackTrace: {1}", ex.Message, ex.StackTrace);
}
return res;
}
/// <summary>
/// /// <summary>
/// format param "userID#RoleName,UserID#RoleName"
/// format param "groupName#RoleName,groupName#RoleName"
/// </summary>
/// <param name="item"></param>
/// <param name="parameters">
/// <param name="UsersIDAndRole"></param>
/// <param name="GroupsAndRole"></param>
/// </param>
/// <returns></returns>
public static bool SetPermissionToListItem(SPListItem item, IDictionary<string, string> parameters)
{
bool res = false;
try
{
RunSite.ByWeb(item.ParentList.ParentWeb, (site, web) =>
{
SPListItem _item = web.GetList(item.ParentList.DefaultViewUrl).Items.GetItemById(item.ID);
_item.BreakRoleInheritance(false);
while (_item.RoleAssignments.Count > 0)
{
_item.RoleAssignments.Remove(0);
}
if (parameters.ContainsKey("UsersIDAndRole"))
{
string users = parameters["UsersIDAndRole"];
string[] fields = users.Split(',');
foreach (string field in fields)
{
int userID = Int32.Parse(field.Split('#')[0]);
SPUser user = web.AllUsers.GetByID(userID);
string roleName = Convert.ToString(field.Split('#')[1]);
SPRoleAssignment roleassignment_user = new SPRoleAssignment(user);
SPRoleDefinition roleDefinition = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(r => r.Name == roleName);
roleassignment_user.RoleDefinitionBindings.Add(roleDefinition);
_item.RoleAssignments.Add(roleassignment_user);
}
}
if (parameters.ContainsKey("GroupsAndRole"))
{
string groups = parameters["GroupsAndRole"];
string[] fields = groups.Split(',');
foreach (string field in fields)
{
string[] pField = field.Split('#');
string groupName = pField[0];
SPGroup group = web.SiteGroups[groupName];
string roleName = Convert.ToString(pField[1]);
if (group == null)
{
UlsLogging.LogInformation("On site {0} not found group {1}", web.Url, field);
}
else
{
SPRoleAssignment roleassignment_user = new SPRoleAssignment(group);
SPRoleDefinition roleDefinition = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(r => r.Name == roleName);
roleassignment_user.RoleDefinitionBindings.Add(roleDefinition);
_item.RoleAssignments.Add(roleassignment_user);
}
}
}
_item.Update();
res = true;
});
}
catch (Exception ex)
{
UlsLogging.LogError("ListItem. GetWorkflowItemHistory(SPListItem item). Message: {0}, StackTrace: {1}", ex.Message, ex.StackTrace);
}
return res;
}
/// <summary>
/// Runs the specified command.
/// </summary>
/// <param name="command">The command.</param>
/// <param name="keyValues">The key values.</param>
/// <param name="output">The output.</param>
/// <returns></returns>
public override int Execute(string command, StringDictionary keyValues, out string output)
{
output = string.Empty;
if (Params["role"].UserTypedIn && Params["group"].UserTypedIn)
throw new SPException(SPResource.GetString("ExclusiveArgs", new object[] { "role, group" }));
string url = Params["url"].Value.TrimEnd('/');
string login = Params["userlogin"].Value;
string email = Params["useremail"].Value;
string username = Params["username"].Value;
using (SPSite site = new SPSite(url))
using (SPWeb web = site.AllWebs[Utilities.GetServerRelUrlFromFullUrl(url)])
{
login = Utilities.TryGetNT4StyleAccountName(login, web.Site.WebApplication);
// First lets see if our user already exists.
SPUser user = null;
try
{
user = web.AllUsers[login];
}
catch (SPException) { }
if (user == null)
{
web.SiteUsers.Add(login, email, username, string.Empty);
user = web.AllUsers[login];
}
if (Params["role"].UserTypedIn)
{
SPRoleDefinition roleDefinition = null;
try
{
roleDefinition = web.RoleDefinitions[Params["role"].Value];
}
catch (ArgumentException) {}
if (roleDefinition == null)
throw new SPException("The specified role does not exist.");
SPRoleDefinitionBindingCollection roleDefinitionBindings = new SPRoleDefinitionBindingCollection();
roleDefinitionBindings.Add(roleDefinition);
SPRoleAssignment roleAssignment = new SPRoleAssignment(user);
roleAssignment.ImportRoleDefinitionBindings(roleDefinitionBindings);
web.RoleAssignments.Add(roleAssignment);
}
else if (Params["group"].UserTypedIn)
{
SPGroup group = null;
try
{
group = web.SiteGroups[Params["group"].Value];
}
catch (ArgumentException) {}
if (group == null)
throw new SPException("The specified group does not exist.");
group.AddUser(user);
}
}
return (int)ErrorCodes.NoError;
}
private void GiveUserPrivelegesToWorkspace(SPUser user, SPItemEventProperties properties)
{
InitializeWebAppProperties(properties);
string workspaceURL = properties.Web.ServerRelativeUrl;
//workspaceURL = workspaceURL.Remove(0, emisSiteURL.Length);
workspaceURL = workspaceURL.Substring(workspaceURL.IndexOf("Agenda-"));
using (SPSite emisSite = new SPSite(emisSiteURL))
{
using (SPWeb currentWorkspace = emisSite.OpenWeb(workspaceURL))
{
currentWorkspace.AllowUnsafeUpdates = true;
SPRoleAssignment role;
role = new SPRoleAssignment(currentWorkspace.EnsureUser(user.LoginName));
role.RoleDefinitionBindings.Add(currentWorkspace.RoleDefinitions["Restricted Contribute"]);
currentWorkspace.RoleAssignments.Add(role);
currentWorkspace.AllowUnsafeUpdates = false;
currentWorkspace.Update();
}
}
}
internal static void AddRole(SPWeb web, SPSecurableObject target, SPPrincipal principal, string roleDefinitionName)
{
var roleToAdd = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(x => x.Name == roleDefinitionName);
if (roleToAdd != null)
{
EnsureBrokenRoleInheritance(target);
var assignments = target.RoleAssignments.Cast<SPRoleAssignment>().FirstOrDefault(x => x.Member.ID == principal.ID);
if (assignments == null)
{
assignments = new SPRoleAssignment(principal);
assignments.RoleDefinitionBindings.Add(roleToAdd);
target.RoleAssignments.Add(assignments);
}
else
{
assignments.RoleDefinitionBindings.Add(roleToAdd);
assignments.Update();
}
}
else
{
throw new ArgumentException("No RoleDefinition found for the name " + roleDefinitionName);
}
}
protected void btnRedirect_Click(object sender, EventArgs e)
{
if (pe.CommaSeparatedAccounts == string.Empty)
{
lblErrorMsg.Visible = true;
return;
}
try
{
SPWeb web = SPControl.GetContextWeb(this.Context);
using (SPSite site = new SPSite(web.Url, web.Site.SystemAccount.UserToken))
{
using (SPWeb webSA = site.OpenWeb())
{
webSA.AllowUnsafeUpdates = true;
SPList taskList = webSA.Lists[taskListId];
SPListItem taskItem = taskList.GetItemById(taskItemId);
SPUser newUser = null;
string newAssignedTo = string.Empty;
try
{
newUser = webSA.SiteUsers[pe.CommaSeparatedAccounts];
newAssignedTo = newUser.ID.ToString();
}
catch
{
lbl.Text = "Redirect user is not valid.";
return;
}
SPFieldUserValue oldUserVal = new SPFieldUserValue(webSA, taskItem["AssignedTo"].ToString().Split(new string[] { ";#" }, StringSplitOptions.RemoveEmptyEntries)[0]);
string oldAssignedTo = oldUserVal.User.LoginName.ToString();
SPRoleAssignmentCollection rolecoll = taskItem.RoleAssignments;
for (int i = rolecoll.Count - 1; i > -1; i--)
{
SPRoleAssignment item = rolecoll[i];
Type type = item.Member.GetType();
if (type.Name == "SPUser" && item.RoleDefinitionBindings[0].Name != "Read")
{
SPUser user = item.Member as SPUser;
if (oldAssignedTo.ToLower() == user.LoginName.ToLower())
{
rolecoll.Remove(item.Member);
}
}
}
SPRoleDefinition ContributeRoleDefinition = taskItem.Web.RoleDefinitions["Contribute"];
SPRoleAssignment RoleAssignment = new SPRoleAssignment(newUser.LoginName, string.Empty, string.Empty, string.Empty);
RoleAssignment.RoleDefinitionBindings.Add(ContributeRoleDefinition);
taskItem.RoleAssignments.Add(RoleAssignment);
taskItem["AssignedTo"] = newAssignedTo;
taskItem.Update();
webSA.AllowUnsafeUpdates = false;
lbl.Text = "Successfully redirect task to user " + newUser.LoginName.ToLower();
pe.Enabled = false;
btnRedirect.Enabled = false;
}
}
}
catch
{
lbl.Text = "Error. Please try again.";
}
}
private void CreateNewGroup(SPWeb web, string groupName, string groupDescription)
{
if (string.IsNullOrEmpty(groupName)) return;
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
SPUserCollection users = web.AllUsers;
SPUser owner = users[web.Author.LoginName];
SPMember member = users[web.Author.LoginName];
try
{
//Add the group to the SPWeb web
SPGroupCollection groups = web.SiteGroups;
groups.Add(groupName, member, owner, groupDescription);
//Associate the group with SPWeb
web.AssociatedGroups.Add(web.SiteGroups[groupName]);
web.Update();
}
catch { }
//Assignment of the roles to the group.
SPRoleAssignment assignment = new SPRoleAssignment(web.SiteGroups[groupName]);
SPRoleDefinition _role = web.RoleDefinitions.GetByType(SPRoleType.Reader);
assignment.RoleDefinitionBindings.Add(_role);
web.RoleAssignments.Add(assignment);
});
}
catch
{
// Not catch exception because check group exists
}
}
public override void DeployModel(object modelHost, DefinitionBase model)
{
var securableObject = ExtractSecurableObject(modelHost);
var securityGroupLinkModel = model.WithAssertAndCast<SecurityGroupLinkDefinition>("model", value => value.RequireNotNull());
if (!securableObject.HasUniqueRoleAssignments)
{
TraceService.Information((int)LogEventId.ModelProvisionCoreCall, "securableObject.HasUniqueRoleAssignments = false. Breaking with false-false options.");
securableObject.BreakRoleInheritance(false, false);
}
var web = GetWebFromSPSecurableObject(securableObject);
var securityGroup = ResolveSecurityGroup(web, securityGroupLinkModel);
var roleAssignment = securableObject.RoleAssignments
.OfType<SPRoleAssignment>()
.FirstOrDefault(a => a.Member.ID == securityGroup.ID);
var isNewRoleAssignment = false;
if (roleAssignment == null)
{
TraceService.Information((int)LogEventId.ModelProvisionProcessingNewObject,
"Processing new security group link");
roleAssignment = new SPRoleAssignment(securityGroup);
isNewRoleAssignment = true;
}
else
{
TraceService.Information((int)LogEventId.ModelProvisionProcessingExistingObject, "Processing existing security group link");
}
InvokeOnModelEvent(this, new ModelEventArgs
{
CurrentModelNode = null,
Model = null,
EventType = ModelEventType.OnProvisioning,
Object = roleAssignment,
ObjectType = typeof(SPRoleAssignment),
ObjectDefinition = model,
ModelHost = modelHost
});
if (isNewRoleAssignment)
{
// add default guest role as hidden one
// we need to at least one role in order to create assignment
// further provision will chech of there is only one role - Reader, and will remove it
roleAssignment.RoleDefinitionBindings.Add(web.RoleDefinitions.GetByType(SPRoleType.Reader));
}
securableObject.RoleAssignments.Add(roleAssignment);
InvokeOnModelEvent(this, new ModelEventArgs
{
CurrentModelNode = null,
Model = null,
EventType = ModelEventType.OnProvisioned,
Object = roleAssignment,
ObjectType = typeof(SPRoleAssignment),
ObjectDefinition = model,
ModelHost = modelHost
});
}
private bool HasEditPermission(SPRoleAssignment ra)
{
foreach (SPRoleDefinition ed in ra.RoleDefinitionBindings)
{
if ((ed.BasePermissions & SPBasePermissions.EditListItems) == SPBasePermissions.EditListItems ||
(ed.BasePermissions & SPBasePermissions.DeleteListItems) == SPBasePermissions.DeleteListItems)
{
return true;
}
}
return false;
}
/*private IServiceLocator serviceLocator;
private IConfigPropertiesParser configPropertiesParser;
private IFileSystemHelper fileSystemHelper;
private ILogger logger;*/
public override void FeatureActivated(SPFeatureReceiverProperties properties)
{
/*serviceLocator = SharePointServiceLocator.GetCurrent();
configPropertiesParser = serviceLocator.GetInstance<IConfigPropertiesParser>();
fileSystemHelper = serviceLocator.GetInstance<IFileSystemHelper>();
logger = serviceLocator.GetInstance<ILogger>();*/
/*logger.Debug(string.Format("Start feature {0} activation.", properties.Feature.Definition.DisplayName));
logger.Debug("Reading configuration...");*/
/*var configuration = GetSitesConfiguration(properties, configPropertiesParser);*/
var configuration = GetSitesConfiguration(properties, null);
// logger.Debug("Done. Reading configuration.");
var sites = GetSiteCollections(properties);
// logger.Debug("Getting application root site");
var rootSite = GetRootSite(properties);
if (rootSite == null)
{
// logger.Debug("Web application root site is not found. Trying to create it.");
rootSite = AddSite(sites, configuration.RootSite, configuration);
// logger.Debug("Done. Creating web application root site.");
}
// logger.Debug("Done. Getting application root site.");
var rootWeb = GetRootWeb(rootSite);
// logger.Debug("Creating groups...");
foreach (var group in configuration.Groups)
{
// logger.Debug(string.Format("Creating group: {0}", group.Name));
if (!ContainsGroup(rootWeb.SiteGroups, group.Name))
{
// logger.Debug(string.Format("Site: {0} hasn't group: {1}", rootWeb.Name, group.Name));
// logger.Debug(string.Format("Ensure user: {0}", configuration.SitesOwner));
var owner = rootWeb.EnsureUser(configuration.SitesOwner);
// logger.Debug(string.Format("Done. Ensure user: {0}", configuration.SitesOwner));
// logger.Debug(string.Format("Adding group: {0}", group.Name));
rootWeb.SiteGroups.Add(group.Name, owner, owner, group.Description);
// logger.Debug(string.Format("Done. Adding group: {0}", group.Name));
}
// logger.Debug(string.Format("Adding users to group: {0}", group.Name));
var newGroup = rootWeb.SiteGroups[group.Name];
foreach (var user in group.Users)
{
// logger.Debug(string.Format("Adding user: {0} to group {1}", user.Login, group.Name));
newGroup.AddUser(user.Login, string.Empty, user.Login, string.Empty);
// logger.Debug(string.Format("Done. Adding user: {0} to group {1}", user.Login, group.Name));
}
// logger.Debug(string.Format("Done. Adding users to group: {0}", group.Name));
// logger.Debug(string.Format("Done. Creating group: {0}", group.Name));
}
// logger.Debug("Done. Creation of groups");
foreach (var site in configuration.Sites)
{
// logger.Debug(string.Format("creating site: {0}", site.Name));
if (SiteCollectionExists(sites, site.Name))
{
// logger.Debug(string.Format("Site {0} already exists. Attempting to delete it.", site.Name));
sites.Delete(site.Name);
// logger.Debug(string.Format("Done. Site {0} deletion.", site.Name));
}
// logger.Debug(string.Format("Creating new empty site: {0}", site.Name));
var newSite = AddSite(sites, site, configuration);
// logger.Debug(string.Format("Done. Empty site {0} creation.", site.Name));
/*logger.Debug(string.Format("Granting permissions for site {0}", site.Name));*/
foreach (var permission in site.Permissions)
{
/*logger.Debug(string.Format(
"Granting permissionLevel: {0} to group: {1} on site {2}",
permission.PermissionLevelId,
permission.GroupName,
site.Name));*/
var roleAssignment = new SPRoleAssignment(rootWeb.SiteGroups[permission.GroupName]);
roleAssignment.RoleDefinitionBindings.Add(rootWeb.RoleDefinitions.GetById(permission.PermissionLevelId));
GetRootWeb(newSite).RoleAssignments.Add(roleAssignment);
/*logger.Debug(string.Format(
"Done. Granting permissionLevel: {0} to group: {1} on site {2}",
permission.PermissionLevelId,
permission.GroupName,
site.Name));*/
}
/*logger.Debug(string.Format("Done. Granting permissions for site {0}", site.Name));*/
}
/*logger.Debug(string.Format("Done. Feature {0} activation.", properties.Feature.Definition.DisplayName));*/
}
