C# Class Microsoft.SharePoint.Client.SecurityExtensions

This manager class holds security related methods
Mostrar archivo Open project: OfficeDev/PnP-Sites-Core

Public Methods

Method Description
AddAdministrators ( this web, List adminLogins, bool addToOwnersGroup = false ) : void

Add a site collection administrator to a site collection

AddGroup ( this web, string groupName, string groupDescription, bool groupIsOwner, bool updateAndExecuteQuery = true, bool onlyAllowMembersViewMembership = false ) : Group

Adds a group

AddPermissionLevelToGroup ( this securableObject, string groupName, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void

Add a permission level (e.g.Contribute, Reader,...) to a group

AddPermissionLevelToGroup ( this securableObject, string groupName, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void

Add a role definition (e.g.Contribute, Read, Approve) to a group

AddPermissionLevelToPrincipal ( this securableObject, Principal principal, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void

Add a permission level (e.g.Contribute, Reader,...) to a group

AddPermissionLevelToPrincipal ( this securableObject, Principal principal, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void

Add a role definition (e.g.Contribute, Read, Approve) to a group

AddPermissionLevelToUser ( this securableObject, string userLoginName, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void

Add a permission level (e.g.Contribute, Reader,...) to a user

AddPermissionLevelToUser ( this securableObject, string userLoginName, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void

Add a role definition (e.g.Contribute, Read, Approve) to a user

AddReaderAccess ( this web ) : User

Add read access to the group "Everyone except external users".

AddReaderAccess ( this web, BuiltInIdentity user ) : User

Add read access to the group "Everyone except external users".

AddUserToGroup ( this web, Group group, User user ) : void

Adds a user to a group

AddUserToGroup ( this web, Group group, string userLoginName ) : void

Adds a user to a group

AddUserToGroup ( this web, int groupId, string userLoginName ) : void

Adds a user to a group

AddUserToGroup ( this web, string groupName, string userLoginName ) : void

Adds a user to a group

AssociateDefaultGroups ( this web, Group owners, Group members, Group visitors ) : void

Associate the provided groups as default owners, members or visitors groups. If a group is null then the association is not done

GetAdministrators ( this web ) : List

Get a list of site collection administrators

GetAllUniqueRoleAssignments ( this web, int leafBreadthLimit = int.MaxValue ) : IEnumerable

Get all unique role assignments for a web object and all its descendents down to document or list item level.

GetAuthenticationRealm ( this web ) : System.Guid

Returns the authentication realm for the current web

GetExternalUsersForSiteTenant ( this web, Uri siteUrl ) : List

Returns a list all external users for a given site that have at least the viewpages permission

GetExternalUsersTenant ( this web ) : List

Returns a list all external users in your tenant

GetGroupID ( this web, string groupName ) : int

Returns the integer ID for a given group name

GetSharingCapabilitiesTenant ( this web, Uri siteUrl ) : string

Get the external sharing settings for the provided site. Only works in Office 365 Multi-Tenant

GroupExists ( this web, string groupName ) : bool

Checks if a group exists

IsUserInGroup ( this web, string groupName, string userLoginName ) : bool

Checks if a user is member of a group

RemoveAdministrator ( this web, OfficeDevPnP.Core.Entities.UserEntity admin ) : void

Removes an administrators from the site collection

RemoveGroup ( this web, Group group ) : void

Remove a group

RemoveGroup ( this web, string groupName ) : void

Remove a group

RemovePermissionLevelFromGroup ( this securableObject, string groupName, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void

Removes a permission level from a group

RemovePermissionLevelFromGroup ( this securableObject, string groupName, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void

Removes a permission level from a group

RemovePermissionLevelFromPrincipal ( this securableObject, Principal principal, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void

Removes a permission level from a user

RemovePermissionLevelFromPrincipal ( this securableObject, Principal principal, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void

Removes a permission level from a user

RemovePermissionLevelFromUser ( this securableObject, string userLoginName, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void

Removes a permission level from a user

RemovePermissionLevelFromUser ( this securableObject, string userLoginName, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void

Removes a permission level from a user

RemoveUserFromGroup ( this web, Group group, User user ) : void

Removes a user from a group

RemoveUserFromGroup ( this web, string groupName, string userLoginName ) : void

Removes a user from a group

Private Methods

Method Description
AddPermissionLevelImplementation ( this securableObject, Principal principal, RoleDefinition roleDefinition, bool removeExistingPermissionLevels = false ) : void
AddReaderAccessImplementation ( Web web, BuiltInIdentity user ) : User
EnsureGroupCache ( SecurableObject obj, string groupLoginName ) : void

Ensure all users of a given SharePoint group has been cached.

GetAssociatedWeb ( this securable ) : Web
GetPath ( this obj ) : string

Get URL path of a securable object

GetUserEmail ( this web, int userId ) : string

Get user email by user id.

IsGroupCannotBeFoundException ( Exception ex ) : bool
Preload ( this obj, int leafBreadthLimit ) : IEnumerable

Load properties of the current securable object and get child securable objects with unique role assignments if any.

RemovePermissionLevelImplementation ( this securableObject, Principal principal, RoleDefinition roleDefinition, bool removeAllPermissionLevels = false ) : void
Visit ( this obj, int leafBreadthLimit, string>.Action action ) : void

Traverse each descendents of a securable object with a specified action.

Method Details

AddAdministrators() public static method

Add a site collection administrator to a site collection
public static AddAdministrators ( this web, List adminLogins, bool addToOwnersGroup = false ) : void
web this Site to operate on
adminLogins List Array of admins loginnames to add
addToOwnersGroup bool Optionally the added admins can also be added to the Site owners group
return void

AddGroup() public static method

Adds a group
public static AddGroup ( this web, string groupName, string groupDescription, bool groupIsOwner, bool updateAndExecuteQuery = true, bool onlyAllowMembersViewMembership = false ) : Group
web this Site to add the group to
groupName string Name of the group
groupDescription string Description of the group
groupIsOwner bool Sets the created group as group owner if true
updateAndExecuteQuery bool Set to false to postpone the executequery call
onlyAllowMembersViewMembership bool Set whether members are allowed to see group membership, defaults to false
return Group

AddPermissionLevelToGroup() public static method

Add a permission level (e.g.Contribute, Reader,...) to a group
public static AddPermissionLevelToGroup ( this securableObject, string groupName, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
groupName string Name of the group
permissionLevel RoleType Permission level to add
removeExistingPermissionLevels bool Set to true to remove all other permission levels for that group
return void

AddPermissionLevelToGroup() public static method

Add a role definition (e.g.Contribute, Read, Approve) to a group
public static AddPermissionLevelToGroup ( this securableObject, string groupName, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
groupName string Name of the group
roleDefinitionName string Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Hierarchy|Restricted Read. Use the correct name of the language of the root site you are using
removeExistingPermissionLevels bool Set to true to remove all other permission levels for that group
return void

AddPermissionLevelToPrincipal() public static method

Add a permission level (e.g.Contribute, Reader,...) to a group
public static AddPermissionLevelToPrincipal ( this securableObject, Principal principal, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
principal Principal Principal to add permission to
permissionLevel RoleType Permission level to add
removeExistingPermissionLevels bool Set to true to remove all other permission levels for that group
return void

AddPermissionLevelToPrincipal() public static method

Add a role definition (e.g.Contribute, Read, Approve) to a group
public static AddPermissionLevelToPrincipal ( this securableObject, Principal principal, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
principal Principal Principal to add permission to
roleDefinitionName string Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Hierarchy|Restricted Read. Use the correct name of the language of the root site you are using
removeExistingPermissionLevels bool Set to true to remove all other permission levels for that group
return void

AddPermissionLevelToUser() public static method

Add a permission level (e.g.Contribute, Reader,...) to a user
public static AddPermissionLevelToUser ( this securableObject, string userLoginName, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
userLoginName string Loginname of the user
permissionLevel RoleType Permission level to add
removeExistingPermissionLevels bool Set to true to remove all other permission levels for that user
return void

AddPermissionLevelToUser() public static method

Add a role definition (e.g.Contribute, Read, Approve) to a user
public static AddPermissionLevelToUser ( this securableObject, string userLoginName, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
userLoginName string Loginname of the user
roleDefinitionName string Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Hierarchy|Restricted Read. Use the correct name of the language of the root site you are using
removeExistingPermissionLevels bool Set to true to remove all other permission levels for that user
return void

AddReaderAccess() public static method

Add read access to the group "Everyone except external users".
public static AddReaderAccess ( this web ) : User
web this Site to be processed - can be root web or sub site
return User

AddReaderAccess() public static method

Add read access to the group "Everyone except external users".
public static AddReaderAccess ( this web, BuiltInIdentity user ) : User
web this Site to be processed - can be root web or sub site
user BuiltInIdentity Built in user to add to the visitors group
return User

AddUserToGroup() public static method

Adds a user to a group
public static AddUserToGroup ( this web, Group group, User user ) : void
web this Web to operate against
group Group Group object representing the group
user User User object representing the user
return void

AddUserToGroup() public static method

Adds a user to a group
public static AddUserToGroup ( this web, Group group, string userLoginName ) : void
web this Web to operate against
group Group Group object representing the group
userLoginName string Login name of the user
return void

AddUserToGroup() public static method

Adds a user to a group
public static AddUserToGroup ( this web, int groupId, string userLoginName ) : void
web this web to operate against
groupId int Id of the group
userLoginName string Login name of the user
return void

AddUserToGroup() public static method

Adds a user to a group
public static AddUserToGroup ( this web, string groupName, string userLoginName ) : void
web this web to operate against
groupName string Name of the group
userLoginName string Loginname of the user
return void

AssociateDefaultGroups() public static method

Associate the provided groups as default owners, members or visitors groups. If a group is null then the association is not done
public static AssociateDefaultGroups ( this web, Group owners, Group members, Group visitors ) : void
web this Site to operate on
owners Group Owners group
members Group Members group
visitors Group Visitors group
return void

GetAdministrators() public static method

Get a list of site collection administrators
public static GetAdministrators ( this web ) : List
web this Site to operate on
return List

GetAllUniqueRoleAssignments() public static method

Get all unique role assignments for a web object and all its descendents down to document or list item level.
public static GetAllUniqueRoleAssignments ( this web, int leafBreadthLimit = int.MaxValue ) : IEnumerable
web this The current web object to be processed.
leafBreadthLimit int Skip further visiting on this branch if the number of child items or documents with unique role assignments exceeded leafBreadthLimit. When setting to 0, the process will stop at list / document library level.
return IEnumerable

GetAuthenticationRealm() public static method

Returns the authentication realm for the current web
public static GetAuthenticationRealm ( this web ) : System.Guid
web this
return System.Guid

GetExternalUsersForSiteTenant() public static method

Returns a list all external users for a given site that have at least the viewpages permission
public static GetExternalUsersForSiteTenant ( this web, Uri siteUrl ) : List
web this Tenant administration web
siteUrl System.Uri Url of the site fetch the external users for
return List

GetExternalUsersTenant() public static method

Returns a list all external users in your tenant
public static GetExternalUsersTenant ( this web ) : List
web this Tenant administration web
return List

GetGroupID() public static method

Returns the integer ID for a given group name
public static GetGroupID ( this web, string groupName ) : int
web this Site to be processed - can be root web or sub site
groupName string SharePoint group name
return int

GetSharingCapabilitiesTenant() public static method

Get the external sharing settings for the provided site. Only works in Office 365 Multi-Tenant
public static GetSharingCapabilitiesTenant ( this web, Uri siteUrl ) : string
web this Tenant administration web
siteUrl System.Uri Site to get the sharing capabilities from
return string

GroupExists() public static method

Checks if a group exists
public static GroupExists ( this web, string groupName ) : bool
web this Web to operate against
groupName string Name of the group
return bool

IsUserInGroup() public static method

Checks if a user is member of a group
public static IsUserInGroup ( this web, string groupName, string userLoginName ) : bool
web this Web to operate against
groupName string Name of the group
userLoginName string Loginname of the user
return bool

RemoveAdministrator() public static method

Removes an administrators from the site collection
public static RemoveAdministrator ( this web, OfficeDevPnP.Core.Entities.UserEntity admin ) : void
web this Site to operate on
admin OfficeDevPnP.Core.Entities.UserEntity that describes the admin to be removed
return void

RemoveGroup() public static method

Remove a group
public static RemoveGroup ( this web, Group group ) : void
web this Web to operate against
group Group Group object to remove
return void

RemoveGroup() public static method

Remove a group
public static RemoveGroup ( this web, string groupName ) : void
web this Web to operate against
groupName string Name of the group
return void

RemovePermissionLevelFromGroup() public static method

Removes a permission level from a group
public static RemovePermissionLevelFromGroup ( this securableObject, string groupName, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
groupName string name of the group
permissionLevel RoleType Permission level to remove. If null all permission levels are removed
removeAllPermissionLevels bool Set to true to remove all permission level.
return void

RemovePermissionLevelFromGroup() public static method

Removes a permission level from a group
public static RemovePermissionLevelFromGroup ( this securableObject, string groupName, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
groupName string name of the group
roleDefinitionName string Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Heirarchy|Restricted Read. Use the correct name of the language of the site you are using
removeAllPermissionLevels bool Set to true to remove all permission level.
return void

RemovePermissionLevelFromPrincipal() public static method

Removes a permission level from a user
public static RemovePermissionLevelFromPrincipal ( this securableObject, Principal principal, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
principal Principal Principal to remove permission from
permissionLevel RoleType Permission level to remove. If null all permission levels are removed
removeAllPermissionLevels bool Set to true to remove all permission level.
return void

RemovePermissionLevelFromPrincipal() public static method

Removes a permission level from a user
public static RemovePermissionLevelFromPrincipal ( this securableObject, Principal principal, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
principal Principal Principal to remove permission from
roleDefinitionName string Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Heirarchy|Restricted Read. Use the correct name of the language of the site you are using
removeAllPermissionLevels bool Set to true to remove all permission level.
return void

RemovePermissionLevelFromUser() public static method

Removes a permission level from a user
public static RemovePermissionLevelFromUser ( this securableObject, string userLoginName, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
userLoginName string Loginname of user
permissionLevel RoleType Permission level to remove. If null all permission levels are removed
removeAllPermissionLevels bool Set to true to remove all permission level.
return void

RemovePermissionLevelFromUser() public static method

Removes a permission level from a user
public static RemovePermissionLevelFromUser ( this securableObject, string userLoginName, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void
securableObject this Web/List/Item to operate against
userLoginName string Loginname of user
roleDefinitionName string Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Heirarchy|Restricted Read. Use the correct name of the language of the site you are using
removeAllPermissionLevels bool Set to true to remove all permission level.
return void

RemoveUserFromGroup() public static method

Removes a user from a group
public static RemoveUserFromGroup ( this web, Group group, User user ) : void
web this Web to operate against
group Group Group object to operate against
user User User object that needs to be removed
return void

RemoveUserFromGroup() public static method

Removes a user from a group
public static RemoveUserFromGroup ( this web, string groupName, string userLoginName ) : void
web this Web to operate against
groupName string Name of the group
userLoginName string Loginname of the user
return void