SharePoint 2010: Setting Item Level Permission on a List Folder

Scenario:
Sometime we run into a situation where we got to set a item level permission on a particular folder in a list. Possible reason to that can be hiding data from other users, if the folder is owned by a specific user and contain some private information. 

About the Code:
In the following, I had a similar, aforementioned, requirement with a slight punch of a management group that was suppose to view everything and then I had normal users, among whom, the owner of the folder was suppose to have rights to viewing and contributing. Thus I had to set permissions for the users who owned the folder and then for the management group. BTW originally it was a sand-boxed solution. 
    
 private void setPermissions(SPFolder folder)
    {        
 SPGroupCollection spc = web.SiteGroups;
//Break the role inheritance in order to assign individual rights on folders
 if (!folder.Item.HasUniqueRoleAssignments)
 {
  folder.Item.BreakRoleInheritance(true);
 }

//This was quite tricky. I first delete all the user/groups and then reassigned my //group and the user. In high likelihood, one would bump into an exception if one //tries to delete the system account.So I've this Try&Catch block.
while (folder.Item.RoleAssignments.Count > 0)
 {
  try
  {
   folder.Item.RoleAssignments.Remove(0);
  }
  catch (Exception)
  {
   break;
  }
 }

 //Role Assignment For the Current User

 SPUser CurrentUser = SPContext.Current.Web.CurrentUser;
 SPGroup group =  spc["GroupName"];
 SPRoleAssignment roleAssignment = new SPRoleAssignment((SPPrincipal) CurrentUser);
 roleAssignment.RoleDefinitionBindings.Add(web.RoleDefinitions.GetByType(SPRoleType.Administrator));
 folder.Item.RoleAssignments.Add(roleAssignment);
 
 
 //Role Assignment for the Group "Contentteam - Management"
 roleAssignment = new SPRoleAssignment((SPPrincipal)group);
 
 roleAssignment.RoleDefinitionBindings.Add(web.RoleDefinitions.GetByType(SPRoleType.Administrator));
 folder.Item.RoleAssignments.Add(roleAssignment);
//Set AllowUnsafeUpdates to true, even if you've done this already. This         //weird
site.AllowUnsafeUpdates = true;
folder.Item.Update();
    }

Verification "The Litmus Test":
Now to check the effects of the code, go to the list where your folder resides. Then look in the "List" tab in the ribbon. Press "List Permissions" and then you will come across the following screen.  You will see a notification on the top of the page. Press "Show me uniquely secured items of this list"


and then a dialogue box pops up. Select the "manage permissions" link against the folder you worked on and you will see all the users and group who have the rights to access this folder. you will notice that, only those users and groups are present which you added.

So this did the trick for me. If you didn't understand the code then you got understand the role and right configuration in SharePoint 2010 first and obviously you can ask me. BTW I'm open to suggestions.

References:
http://www.thespgeek.com/2011/08/assigning-sharepoint-list-item-level.html (Great work SP Geek)

Vaqar Hyder

E: vaqar.hyder3567@gmail.com

A:

Siebenbürgen Straße 2/1, Korntal-Münchingen, 70825, PK

Hire me on Freelancer.com

Comments

Post a Comment

Popular posts from this blog

SPFx: Develop using SharePoint Framework without Installing all the dependecies.

Image
SharePoint Framework (SPFx) has been around for more than 5 years now with being Generally available since Feb 2017.  In the recent times, its been possible to develop webparts for SharePoint on-prem as well using SPFx and with that it is getting harder to maintain multiple versions of required toolchains. e.g. Node. For M365 you can use the latest version of SPFx but probably you know, if you aim to develop webparts for the SharePoint Server 2016 platform, for instance, you need to use the SharePoint Framework v1.1.0 due to the server-side version dependencies. So yet another challenge is using the correct version of the SPFx and Nodejs for the particular project . Although I personally used to like Node Version Manager which lets you manage multiple installations of node.js on a Windows computer but still one needs to isolate SharePoint Framework dependencies if you are targeting multiple platform from on PC. 2nd Problematic scenario begins when you start developing SPFx extensi...
Read more

SharePoint Online: Elevated Permissions....with love

Image
Remember the good old days! when using RunWithElevatedPrivileges(SPSecurity.CodeToRunElevated), in the SharePoint server-side object model, would let us run our code (Full trust code) with full control i.e. granting us higher permission (as System Account) and letting us performs tasks that waren't permited to do in current user context.  Now, that, we have SharePoint addin and SharePoint online webparts, one still wonders if there is still a way of achieving that. Since there are use cases where a user needs a higher permission, for instance.  Changing a status of a field in a list where the current logged in user has read only permission.  Reading member of a SharePoint group.  In Workflows  like SharePoint Designer workflow you used to have App step, in Nintex workflow you have elevated permission and in MS Flow Impersonation is possible using connectors in Flow triggered by HTTP request can run under System account as show in the video below:  Other wa...
Read more

Powershell: Filling up an Existing Excel Sheet with data from SQL Server

Situation: The client required to have data from their SQL Server 2012 Database filled in to an existing Excel Sheet. This sheet had a table with around 40 columns of which 12 where to be filled by us and rest from different departments. I tried different solution for that since the requirements were not initially clear. Forexample OPENROWSET was tried. In this regards this link really helpful. Although this requires few configuration to be made on the server or to install e.g. ACE.OLEDB driver on server which was not possible in our case. So we decided to write a Powershell script and access SQL Now about the script: Take the file TestExcel.xlsx from C:\Temp folder Create its copy with the current date appended to its name.  Start reading the Excel file from Sheet "Specified Sheet Name" From Columns 1, it will take the name of the system.  Based on the name fill the excel sheet by executing the queries, here are the columns that are going to ...
Read more