public static void DeleteRoleDefinition(this RoleDefinitionCollection roleDefinitions, int id) { RoleDefinition roleDefinition = roleDefinitions.GetById(id); roleDefinition.DeleteObject(); roleDefinitions.Context.ExecuteQuery(); }
/// <summary> /// Assigns permissions to users on the specified list item. /// </summary> /// <param name="clientcontext">Client context object</param> /// <param name="listName">Site pages library</param> /// <param name="users">List of users</param> /// <param name="permission">Permission to grant</param> /// <param name="listItemId">Unique list item Id for permissions assignment</param> /// <returns>Status of permission assignment</returns> internal static string AssignUserPermissionsToItem(ClientContext clientcontext, string listName, List <string> users, string permission, int listItemId) { { string returnvalue = "false"; try { List <string> permissions = new List <string>(); permissions.Add(permission); Web web = clientcontext.Web; clientcontext.Load(web.RoleDefinitions); ListItem listItem = web.Lists.GetByTitle(listName).GetItemById(listItemId); clientcontext.Load(listItem, item => item.HasUniqueRoleAssignments); clientcontext.ExecuteQuery(); if (listItem.HasUniqueRoleAssignments) { if (null != permissions && null != users) //matter.permissions=read/limited access/contribute/ full control/ view only { foreach (string rolename in permissions) { try { RoleDefinitionCollection roleDefinitions = clientcontext.Web.RoleDefinitions; RoleDefinition role = (from roleDef in roleDefinitions where roleDef.Name == rolename select roleDef).First(); foreach (string user in users) { //get the user object Principal userprincipal = clientcontext.Web.EnsureUser(user); //create the role definition binding collection RoleDefinitionBindingCollection roledefinitionbindingcollection = new RoleDefinitionBindingCollection(clientcontext); //add the role definition to the collection roledefinitionbindingcollection.Add(role); //create a role assignment with the user and role definition listItem.RoleAssignments.Add(userprincipal, roledefinitionbindingcollection); } //execute the query to add everything clientcontext.ExecuteQuery(); } catch (Exception exception) { MatterProvisionHelperFunction.DisplayAndLogError(errorFilePath, "Message: " + exception.Message + "\nStacktrace: " + exception.StackTrace); throw; // Check } } } // success. return a success code returnvalue = "true"; } } catch (Exception exception) { MatterProvisionHelperFunction.DisplayAndLogError(errorFilePath, string.Format(CultureInfo.InvariantCulture, ConfigurationManager.AppSettings["ErrorMessage"], "assigning Permission")); MatterProvisionHelperFunction.DisplayAndLogError(errorFilePath, "Message: " + exception.Message + "\nStacktrace: " + exception.StackTrace); throw; } return(returnvalue); } }
public static void DeleteRoleDefinition(this RoleDefinitionCollection roleDefinitions, string name) { RoleDefinition roleDefinition = roleDefinitions.GetByName(name); roleDefinition.DeleteObject(); roleDefinitions.Context.ExecuteQuery(); }
public static RoleDefinition CreateRoleDefinition(this RoleDefinitionCollection roleDefinitions, RoleDefinitionCreationInformation roleDefCreateInfo) { RoleDefinition roleDefinition = roleDefinitions.Add(roleDefCreateInfo); roleDefinitions.Context.Load(roleDefinition); roleDefinitions.Context.ExecuteQuery(); return(roleDefinition); }
/// <summary> /// Get permissions of specified permission level /// </summary> /// <param name="clientContext">Client context</param> /// <param name="permissionLevelName">Name of permission level</param> /// <returns>RoleDefinition object that represents specified permission level</returns> private static RoleDefinition GetPermissionLevel(ClientContext clientContext, string permissionLevelName) { RoleDefinitionCollection roleDefCollection = clientContext.Web.RoleDefinitions; clientContext.Load(roleDefCollection, item => item); clientContext.ExecuteQuery(); RoleDefinition matterCenterContribute = roleDefCollection.Where(item => item.Name == permissionLevelName).FirstOrDefault(); return(matterCenterContribute); }
/// <summary> /// Returns all names of given RoleDefinitions as HashSet. /// </summary> /// <param name="roleDefinitions">RoleDefinitions to read the names</param> /// <returns>names of RoleDefinitions</returns> internal static HashSet <string> ReadNames(this RoleDefinitionCollection roleDefinitions) { HashSet <string> names = new HashSet <string>(); foreach (var roleDefinition in roleDefinitions) { names.Add(roleDefinition.Name); } return(names); }
private RoleDefinition FindRoleDefinition(RoleDefinitionCollection roleDefinitions, string roleDefinitionName) { foreach (var roleDefinition in roleDefinitions) { if (string.Compare(roleDefinition.Name, roleDefinitionName, true) == 0) { return(roleDefinition); } } return(null); }
public static RoleDefinition CreateRoleDefinition(this RoleDefinitionCollection roleDefinitions, BasePermissions permissions, string name, string description, int order) { RoleDefinitionCreationInformation roleDefCreateInfo = new RoleDefinitionCreationInformation { BasePermissions = permissions, Name = name, Description = description, Order = order }; return(roleDefinitions.CreateRoleDefinition(roleDefCreateInfo)); }
private HashSet <string> GetRoleDefinitions(Web web) { RoleDefinitionCollection roleDefinitions = web.RoleDefinitions; ClientContext.Load(roleDefinitions); ClientContext.ExecuteQueryRetry(); var hashSet = new HashSet <string>(StringComparer.OrdinalIgnoreCase); foreach (var roleDef in roleDefinitions) { hashSet.Add(roleDef.Name); } return(hashSet); }
protected RoleDefinition FindRoleDefinition(RoleDefinitionCollection roleDefinitions, string roleDefinitionName) { TraceService.VerboseFormat((int)LogEventId.ModelProvisionCoreCall, "Resolving view by Name: [{0}]", roleDefinitionName); foreach (var roleDefinition in roleDefinitions) { if (string.Compare(roleDefinition.Name, roleDefinitionName, true) == 0) { return(roleDefinition); } } return(null); }
/// <summary> /// Imports the new RoleDefinitions. /// </summary> /// <exception cref="ElementsMigrationException">If migration fails</exception> private void ImportNewRoleDefinitions() { Console.WriteLine("import new RoleDefinitions..."); Logger.AddMessage("import new RoleDefinitions..."); RoleDefinitionCollection sourceRoleDefinitionCollection = this.GetAllRollDefinitions(SourceClientContext); RoleDefinitionCollection targetRoleDefinitionCollection = this.GetAllRollDefinitions(TargetClientContext); HashSet <string> targetRoleDefinitionNames = targetRoleDefinitionCollection.ReadNames(); foreach (var sourceRoleDefinition in sourceRoleDefinitionCollection) { if (!targetRoleDefinitionNames.Contains(sourceRoleDefinition.Name)) { Console.WriteLine("import roleDefinition '{0}'", sourceRoleDefinition.Name); Logger.AddMessage("import RoleDefinition '" + sourceRoleDefinition.Name + "'"); RoleDefinitionCreationInformation creationObject = new RoleDefinitionCreationInformation(); creationObject.BasePermissions = sourceRoleDefinition.BasePermissions; creationObject.Description = sourceRoleDefinition.Description; creationObject.Name = sourceRoleDefinition.Name; creationObject.Order = sourceRoleDefinition.Order; RoleDefinition targetRoleDefinition = targetRoleDefinitionCollection.Add(creationObject); try { targetRoleDefinition.Tag = sourceRoleDefinition.Tag; } catch (PropertyOrFieldNotInitializedException) { } } else { Console.WriteLine("don't have to import '{0}'", sourceRoleDefinition.Name); Logger.AddMessage("don't have to import '" + sourceRoleDefinition.Name + "'"); } } try { TargetClientContext.ExecuteQuery(); } catch (Exception e) { Console.WriteLine("Exception during importing new RoleDefinition.", e); Logger.AddMessage("Exception during importing new RoleDefinition. Error = " + e.Message); throw new ElementsMigrationException("Exception during importing new RoleDefinition.", e); } }
/// <summary> /// Returns all RoleDefinition of given SharePoint. /// </summary> /// <param name="clientContext">ClientContext of SharePoint</param> /// <returns>RoleDefinitions of given SharePoint</returns> /// <exception cref="ElementsMigrationException">If RoleDefinitions could not be fetched</exception> private RoleDefinitionCollection GetAllRollDefinitions(ClientContext clientContext) { Web web = clientContext.Web; RoleDefinitionCollection roleDefinitions = web.RoleDefinitions; try { clientContext.Load(roleDefinitions); clientContext.ExecuteQuery(); } catch (Exception e) { Console.WriteLine("Exception during fetching the RoleDefinitons.", e); Logger.AddMessage("Exception during fetching the RoleDefinitons. Error = " + e.Message); throw new ElementsMigrationException("Exception during fetching the RoleDefinitons.", e); } return(roleDefinitions); }
/// <summary> /// Updates user permission /// </summary> /// <param name="clientcontext">Client context</param> /// <param name="matterName">Matter name</param> /// <param name="users">Users object</param> /// <param name="list">List object</param> /// <param name="rolename">Role name</param> private static void UpdateUserPermission(ClientContext clientcontext, string matterName, List <string> users, List list, string rolename) { try { RoleDefinitionCollection roleDefinitions = clientcontext.Web.RoleDefinitions; RoleDefinition role = (from roleDef in roleDefinitions where roleDef.Name == rolename select roleDef).First(); foreach (string user in users) { //get the user object Principal userprincipal = clientcontext.Web.EnsureUser(user); //create the role definition binding collection RoleDefinitionBindingCollection roledefinitionbindingcollection = new RoleDefinitionBindingCollection(clientcontext); //add the role definition to the collection roledefinitionbindingcollection.Add(role); //create a role assignment with the user and role definition list.RoleAssignments.Add(userprincipal, roledefinitionbindingcollection); } //execute the query to add everything clientcontext.ExecuteQuery(); } // SharePoint specific exception catch (ClientRequestException clientRequestException) { Utility.DisplayAndLogError(Utility.ErrorFilePath, "Message: " + clientRequestException.Message + "Matter name: " + matterName + "\nStacktrace: " + clientRequestException.StackTrace); throw; } // SharePoint specific exception catch (ServerException serverException) { Utility.DisplayAndLogError(Utility.ErrorFilePath, "Message: " + serverException.Message + "Matter name: " + matterName + "\nStacktrace: " + serverException.StackTrace); throw; } }
/// <summary> /// Constructor for SiteSecurityPermissions class /// </summary> public SiteSecurityPermissions() { this._roleDefinitions = new RoleDefinitionCollection(this.ParentTemplate); this._roleAssignments = new RoleAssignmentCollection(this.ParentTemplate); }
/// <summary> /// Assigns permission to group /// </summary> /// <param name="clientcontext">Client Context</param> /// <param name="matterCenterGroup">Group for which permission is to be assigned</param> /// <param name="list">List at which permission is to be assigned</param> /// <param name="listName">Name of the list</param> /// <param name="isCustomPermission">Custom permission flag</param> /// <returns>Status of operation</returns> private static bool AssignPermission(ClientContext clientcontext, Group matterCenterGroup, List list, string listName, bool isCustomPermission) { string errorFilePath = Directory.GetParent(Directory.GetCurrentDirectory()) + "/" + "ErrorLog.txt"; bool result = false; try { if (null != clientcontext && null != list && null != matterCenterGroup) { // first breaking permissions Console.WriteLine("Breaking Permissions for " + listName + " list..."); if (!list.HasUniqueRoleAssignments) { list.BreakRoleInheritance(true, true); list.Update(); clientcontext.Load(list); clientcontext.ExecuteQuery(); } //// assigning permissions Principal principal = matterCenterGroup; RoleDefinition role = null; int permission = Convert.ToInt32(ConfigurationManager.AppSettings["Permission"], CultureInfo.InvariantCulture); permission = isCustomPermission ? 3 : permission; switch (permission) { case 0: role = clientcontext.Web.RoleDefinitions.GetByType(RoleType.Contributor); break; case 1: role = clientcontext.Web.RoleDefinitions.GetByType(RoleType.Administrator); break; case 3: string permissionLevel = ConfigurationManager.AppSettings["MatterCenterContributePermission"]; RoleDefinitionCollection roles = clientcontext.Web.RoleDefinitions; clientcontext.Load(roles); clientcontext.ExecuteQuery(); role = roles.Where(item => item.Name == permissionLevel).FirstOrDefault(); break; case 2: default: role = clientcontext.Web.RoleDefinitions.GetByType(RoleType.Reader); break; } RoleDefinitionBindingCollection grpRole = new RoleDefinitionBindingCollection(clientcontext); if (null != role) { grpRole.Add(role); } list.RoleAssignments.Add(principal, grpRole); list.Update(); clientcontext.ExecuteQuery(); result = true; } } catch (Exception exception) { result = false; ErrorLogger.LogErrorToTextFile(errorFilePath, "Message: " + exception.Message + "\nStacktrace: " + exception.StackTrace); } return(result); }
public static async Task <HttpResponseMessage> Run([HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "AddExternalUser")] HttpRequestMessage req, TraceWriter log) { try { // Gets data from request body. log.Info("Starting..."); dynamic data = await req.Content.ReadAsAsync <object>(); string siteUrl = data.SiteUrl; string currentEmail = data.CurrentUser_EmailAddress; string groupName = data.GroupName; log.Info(siteUrl); log.Info(currentEmail); log.Info(groupName); if (String.IsNullOrEmpty(siteUrl) || String.IsNullOrEmpty(currentEmail)) { return(req.CreateResponse(HttpStatusCode.BadRequest, "Please pass parametes site URL and Email Address in request body!")); } // Fetches client id and client secret from app settings. string clientId = Environment.GetEnvironmentVariable("ClientId", EnvironmentVariableTarget.Process); string clientSecret = Environment.GetEnvironmentVariable("ClientSecret", EnvironmentVariableTarget.Process); string urlAdminSite = Environment.GetEnvironmentVariable("UrlAdminSite", EnvironmentVariableTarget.Process); // Obtains client context using the client id and client secret. //var ctx = new OfficeDevPnP.Core.AuthenticationManager().GetAppOnlyAuthenticatedContext(urlAdminSite, clientId, clientSecret); //Tenant tenant = new Tenant(ctx); //SiteProperties siteProps = tenant.GetSitePropertiesByUrl(siteUrl, true); //log.Info("a"); //ctx.Load(siteProps); //log.Info("after tenant:" + siteUrl); //ctx.ExecuteQuery(); //log.Info("after line " + siteUrl); var newctx = new OfficeDevPnP.Core.AuthenticationManager().GetAppOnlyAuthenticatedContext(siteUrl, clientId, clientSecret); Site site = newctx.Site; Web web = site.RootWeb; log.Info("get web"); Group group = null; RoleDefinitionCollection permissionLevels = web.RoleDefinitions; log.Info("permissionLevels"); newctx.Load(web); newctx.Load(web.SiteGroups); newctx.Load(permissionLevels); log.Info("execute query"); newctx.ExecuteQuery(); log.Info("after newctx"); //if (CheckUserDomainFrom(siteProps, currentEmail)) //{ // If group doesn't exist in web, add it if (!GroupExistsInWebSite(web, groupName)) { if (groupName == "SCJ External Contribute") { //var permissionLevelExist = permissionLevels.Select(p => p.Name == "SCJ External Contribute").Count(); // Create Custom Permission Level //if (permissionLevelExist!=0) CreateContributePermissionLevel(web); // Create new Group group = AddGroup(web, groupName); // Add Custom Pemission Level to Group web.AddPermissionLevelToGroup(groupName, "SCJ External Contribute", true); } if (groupName == "SCJ External Read") { // Create Custom Permission Level CreateReadPermissionLevel(web); // Create new Group group = AddGroup(web, groupName); // Add Custom Pemission Level to Group web.AddPermissionLevelToGroup(groupName, "SCJ External Read", true); } } else // Just Add the user to group { group = web.SiteGroups.GetByName(groupName); } newctx.ExecuteQuery(); return(req.CreateResponse(HttpStatusCode.OK, true)); //} // return req.CreateResponse(HttpStatusCode.OK, false); } catch (Exception e) { return(req.CreateResponse(HttpStatusCode.InternalServerError, e.Message)); } }
protected RoleDefinition FindRoleDefinition(RoleDefinitionCollection roleDefinitions, string roleDefinitionName) { TraceService.VerboseFormat((int)LogEventId.ModelProvisionCoreCall, "Resolving view by Name: [{0}]", roleDefinitionName); foreach (var roleDefinition in roleDefinitions) if (string.Compare(roleDefinition.Name, roleDefinitionName, true) == 0) return roleDefinition; return null; }
public SiteSecurityPermissions() { this._roleDefinitions = new RoleDefinitionCollection(this.ParentTemplate); this._roleAssignments = new RoleAssignmentCollection(this.ParentTemplate); }
protected RoleDefinition FindRoleDefinition(RoleDefinitionCollection roleDefinitions, string roleDefinitionName) { foreach (var roleDefinition in roleDefinitions) if (string.Compare(roleDefinition.Name, roleDefinitionName, true) == 0) return roleDefinition; return null; }