C# Class Microsoft.SharePoint.Client.SecurityExtensions

This manager class holds security related methods

Mostrar archivo Open project: OfficeDev/PnP-Sites-Core

Public Methods

Method	Description
AddAdministrators ( this web, List adminLogins, bool addToOwnersGroup = false ) : void	Add a site collection administrator to a site collection
AddGroup ( this web, string groupName, string groupDescription, bool groupIsOwner, bool updateAndExecuteQuery = true, bool onlyAllowMembersViewMembership = false ) : Group	Adds a group
AddPermissionLevelToGroup ( this securableObject, string groupName, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void	Add a permission level (e.g.Contribute, Reader,...) to a group
AddPermissionLevelToGroup ( this securableObject, string groupName, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void	Add a role definition (e.g.Contribute, Read, Approve) to a group
AddPermissionLevelToPrincipal ( this securableObject, Principal principal, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void	Add a permission level (e.g.Contribute, Reader,...) to a group
AddPermissionLevelToPrincipal ( this securableObject, Principal principal, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void	Add a role definition (e.g.Contribute, Read, Approve) to a group
AddPermissionLevelToUser ( this securableObject, string userLoginName, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void	Add a permission level (e.g.Contribute, Reader,...) to a user
AddPermissionLevelToUser ( this securableObject, string userLoginName, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void	Add a role definition (e.g.Contribute, Read, Approve) to a user
AddReaderAccess ( this web ) : User	Add read access to the group "Everyone except external users".
AddReaderAccess ( this web, BuiltInIdentity user ) : User	Add read access to the group "Everyone except external users".
AddUserToGroup ( this web, Group group, User user ) : void	Adds a user to a group
AddUserToGroup ( this web, Group group, string userLoginName ) : void	Adds a user to a group
AddUserToGroup ( this web, int groupId, string userLoginName ) : void	Adds a user to a group
AddUserToGroup ( this web, string groupName, string userLoginName ) : void	Adds a user to a group
AssociateDefaultGroups ( this web, Group owners, Group members, Group visitors ) : void	Associate the provided groups as default owners, members or visitors groups. If a group is null then the association is not done
GetAdministrators ( this web ) : List	Get a list of site collection administrators
GetAllUniqueRoleAssignments ( this web, int leafBreadthLimit = int.MaxValue ) : IEnumerable	Get all unique role assignments for a web object and all its descendents down to document or list item level.
GetAuthenticationRealm ( this web ) : System.Guid	Returns the authentication realm for the current web
GetExternalUsersForSiteTenant ( this web, Uri siteUrl ) : List	Returns a list all external users for a given site that have at least the viewpages permission
GetExternalUsersTenant ( this web ) : List	Returns a list all external users in your tenant
GetGroupID ( this web, string groupName ) : int	Returns the integer ID for a given group name
GetSharingCapabilitiesTenant ( this web, Uri siteUrl ) : string	Get the external sharing settings for the provided site. Only works in Office 365 Multi-Tenant
GroupExists ( this web, string groupName ) : bool	Checks if a group exists
IsUserInGroup ( this web, string groupName, string userLoginName ) : bool	Checks if a user is member of a group
RemoveAdministrator ( this web, OfficeDevPnP.Core.Entities.UserEntity admin ) : void	Removes an administrators from the site collection
RemoveGroup ( this web, Group group ) : void	Remove a group
RemoveGroup ( this web, string groupName ) : void	Remove a group
RemovePermissionLevelFromGroup ( this securableObject, string groupName, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void	Removes a permission level from a group
RemovePermissionLevelFromGroup ( this securableObject, string groupName, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void	Removes a permission level from a group
RemovePermissionLevelFromPrincipal ( this securableObject, Principal principal, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void	Removes a permission level from a user
RemovePermissionLevelFromPrincipal ( this securableObject, Principal principal, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void	Removes a permission level from a user
RemovePermissionLevelFromUser ( this securableObject, string userLoginName, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void	Removes a permission level from a user
RemovePermissionLevelFromUser ( this securableObject, string userLoginName, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void	Removes a permission level from a user
RemoveUserFromGroup ( this web, Group group, User user ) : void	Removes a user from a group
RemoveUserFromGroup ( this web, string groupName, string userLoginName ) : void	Removes a user from a group

Private Methods

Method	Description
AddPermissionLevelImplementation ( this securableObject, Principal principal, RoleDefinition roleDefinition, bool removeExistingPermissionLevels = false ) : void
AddReaderAccessImplementation ( Web web, BuiltInIdentity user ) : User
EnsureGroupCache ( SecurableObject obj, string groupLoginName ) : void	Ensure all users of a given SharePoint group has been cached.
GetAssociatedWeb ( this securable ) : Web
GetPath ( this obj ) : string	Get URL path of a securable object
GetUserEmail ( this web, int userId ) : string	Get user email by user id.
IsGroupCannotBeFoundException ( Exception ex ) : bool
Preload ( this obj, int leafBreadthLimit ) : IEnumerable	Load properties of the current securable object and get child securable objects with unique role assignments if any.
RemovePermissionLevelImplementation ( this securableObject, Principal principal, RoleDefinition roleDefinition, bool removeAllPermissionLevels = false ) : void
Visit ( this obj, int leafBreadthLimit, string>.Action action ) : void	Traverse each descendents of a securable object with a specified action.

Method Details

AddAdministrators() public static method

Add a site collection administrator to a site collection

public static AddAdministrators ( this web, List adminLogins, bool addToOwnersGroup = false ) : void
web	this	Site to operate on
adminLogins	List	Array of admins loginnames to add
addToOwnersGroup	bool	Optionally the added admins can also be added to the Site owners group
return	void

AddGroup() public static method

Adds a group

public static AddGroup ( this web, string groupName, string groupDescription, bool groupIsOwner, bool updateAndExecuteQuery = true, bool onlyAllowMembersViewMembership = false ) : Group
web	this	Site to add the group to
groupName	string	Name of the group
groupDescription	string	Description of the group
groupIsOwner	bool	Sets the created group as group owner if true
updateAndExecuteQuery	bool	Set to false to postpone the executequery call
onlyAllowMembersViewMembership	bool	Set whether members are allowed to see group membership, defaults to false
return	Group

AddPermissionLevelToGroup() public static method

Add a permission level (e.g.Contribute, Reader,...) to a group

public static AddPermissionLevelToGroup ( this securableObject, string groupName, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
groupName	string	Name of the group
permissionLevel	RoleType	Permission level to add
removeExistingPermissionLevels	bool	Set to true to remove all other permission levels for that group
return	void

AddPermissionLevelToGroup() public static method

Add a role definition (e.g.Contribute, Read, Approve) to a group

public static AddPermissionLevelToGroup ( this securableObject, string groupName, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
groupName	string	Name of the group
roleDefinitionName	string	Name of the role definition to add, Full Control\|Design\|Contribute\|Read\|Approve\|Manage Hierarchy\|Restricted Read. Use the correct name of the language of the root site you are using
removeExistingPermissionLevels	bool	Set to true to remove all other permission levels for that group
return	void

AddPermissionLevelToPrincipal() public static method

Add a permission level (e.g.Contribute, Reader,...) to a group

public static AddPermissionLevelToPrincipal ( this securableObject, Principal principal, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
principal	Principal	Principal to add permission to
permissionLevel	RoleType	Permission level to add
removeExistingPermissionLevels	bool	Set to true to remove all other permission levels for that group
return	void

AddPermissionLevelToPrincipal() public static method

Add a role definition (e.g.Contribute, Read, Approve) to a group

public static AddPermissionLevelToPrincipal ( this securableObject, Principal principal, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
principal	Principal	Principal to add permission to
roleDefinitionName	string	Name of the role definition to add, Full Control\|Design\|Contribute\|Read\|Approve\|Manage Hierarchy\|Restricted Read. Use the correct name of the language of the root site you are using
removeExistingPermissionLevels	bool	Set to true to remove all other permission levels for that group
return	void

AddPermissionLevelToUser() public static method

Add a permission level (e.g.Contribute, Reader,...) to a user

public static AddPermissionLevelToUser ( this securableObject, string userLoginName, RoleType permissionLevel, bool removeExistingPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
userLoginName	string	Loginname of the user
permissionLevel	RoleType	Permission level to add
removeExistingPermissionLevels	bool	Set to true to remove all other permission levels for that user
return	void

AddPermissionLevelToUser() public static method

Add a role definition (e.g.Contribute, Read, Approve) to a user

public static AddPermissionLevelToUser ( this securableObject, string userLoginName, string roleDefinitionName, bool removeExistingPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
userLoginName	string	Loginname of the user
roleDefinitionName	string	Name of the role definition to add, Full Control\|Design\|Contribute\|Read\|Approve\|Manage Hierarchy\|Restricted Read. Use the correct name of the language of the root site you are using
removeExistingPermissionLevels	bool	Set to true to remove all other permission levels for that user
return	void

AddReaderAccess() public static method

Add read access to the group "Everyone except external users".

public static AddReaderAccess ( this web ) : User
web	this	Site to be processed - can be root web or sub site
return	User

AddReaderAccess() public static method

Add read access to the group "Everyone except external users".

public static AddReaderAccess ( this web, BuiltInIdentity user ) : User
web	this	Site to be processed - can be root web or sub site
user	BuiltInIdentity	Built in user to add to the visitors group
return	User

AddUserToGroup() public static method

Adds a user to a group

public static AddUserToGroup ( this web, Group group, User user ) : void
web	this	Web to operate against
group	Group	Group object representing the group
user	User	User object representing the user
return	void

AddUserToGroup() public static method

Adds a user to a group

public static AddUserToGroup ( this web, Group group, string userLoginName ) : void
web	this	Web to operate against
group	Group	Group object representing the group
userLoginName	string	Login name of the user
return	void

AddUserToGroup() public static method

Adds a user to a group

public static AddUserToGroup ( this web, int groupId, string userLoginName ) : void
web	this	web to operate against
groupId	int	Id of the group
userLoginName	string	Login name of the user
return	void

AddUserToGroup() public static method

Adds a user to a group

public static AddUserToGroup ( this web, string groupName, string userLoginName ) : void
web	this	web to operate against
groupName	string	Name of the group
userLoginName	string	Loginname of the user
return	void

AssociateDefaultGroups() public static method

Associate the provided groups as default owners, members or visitors groups. If a group is null then the association is not done

public static AssociateDefaultGroups ( this web, Group owners, Group members, Group visitors ) : void
web	this	Site to operate on
owners	Group	Owners group
members	Group	Members group
visitors	Group	Visitors group
return	void

GetAdministrators() public static method

Get a list of site collection administrators

public static GetAdministrators ( this web ) : List
web	this	Site to operate on
return	List

GetAllUniqueRoleAssignments() public static method

Get all unique role assignments for a web object and all its descendents down to document or list item level.

public static GetAllUniqueRoleAssignments ( this web, int leafBreadthLimit = int.MaxValue ) : IEnumerable
web	this	The current web object to be processed.
leafBreadthLimit	int	Skip further visiting on this branch if the number of child items or documents with unique role assignments exceeded leafBreadthLimit. When setting to 0, the process will stop at list / document library level.
return	IEnumerable

GetAuthenticationRealm() public static method

Returns the authentication realm for the current web

public static GetAuthenticationRealm ( this web ) : System.Guid
web	this
return	System.Guid

GetExternalUsersForSiteTenant() public static method

Returns a list all external users for a given site that have at least the viewpages permission

public static GetExternalUsersForSiteTenant ( this web, Uri siteUrl ) : List
web	this	Tenant administration web
siteUrl	System.Uri	Url of the site fetch the external users for
return	List

GetExternalUsersTenant() public static method

Returns a list all external users in your tenant

public static GetExternalUsersTenant ( this web ) : List
web	this	Tenant administration web
return	List

GetGroupID() public static method

Returns the integer ID for a given group name

public static GetGroupID ( this web, string groupName ) : int
web	this	Site to be processed - can be root web or sub site
groupName	string	SharePoint group name
return	int

GetSharingCapabilitiesTenant() public static method

Get the external sharing settings for the provided site. Only works in Office 365 Multi-Tenant

public static GetSharingCapabilitiesTenant ( this web, Uri siteUrl ) : string
web	this	Tenant administration web
siteUrl	System.Uri	Site to get the sharing capabilities from
return	string

GroupExists() public static method

Checks if a group exists

public static GroupExists ( this web, string groupName ) : bool
web	this	Web to operate against
groupName	string	Name of the group
return	bool

IsUserInGroup() public static method

Checks if a user is member of a group

public static IsUserInGroup ( this web, string groupName, string userLoginName ) : bool
web	this	Web to operate against
groupName	string	Name of the group
userLoginName	string	Loginname of the user
return	bool

RemoveAdministrator() public static method

Removes an administrators from the site collection

public static RemoveAdministrator ( this web, OfficeDevPnP.Core.Entities.UserEntity admin ) : void
web	this	Site to operate on
admin	OfficeDevPnP.Core.Entities.UserEntity	that describes the admin to be removed
return	void

RemoveGroup() public static method

Remove a group

public static RemoveGroup ( this web, Group group ) : void
web	this	Web to operate against
group	Group	Group object to remove
return	void

RemoveGroup() public static method

Remove a group

public static RemoveGroup ( this web, string groupName ) : void
web	this	Web to operate against
groupName	string	Name of the group
return	void

RemovePermissionLevelFromGroup() public static method

Removes a permission level from a group

public static RemovePermissionLevelFromGroup ( this securableObject, string groupName, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
groupName	string	name of the group
permissionLevel	RoleType	Permission level to remove. If null all permission levels are removed
removeAllPermissionLevels	bool	Set to true to remove all permission level.
return	void

RemovePermissionLevelFromGroup() public static method

Removes a permission level from a group

public static RemovePermissionLevelFromGroup ( this securableObject, string groupName, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
groupName	string	name of the group
roleDefinitionName	string	Name of the role definition to add, Full Control\|Design\|Contribute\|Read\|Approve\|Manage Heirarchy\|Restricted Read. Use the correct name of the language of the site you are using
removeAllPermissionLevels	bool	Set to true to remove all permission level.
return	void

RemovePermissionLevelFromPrincipal() public static method

Removes a permission level from a user

public static RemovePermissionLevelFromPrincipal ( this securableObject, Principal principal, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
principal	Principal	Principal to remove permission from
permissionLevel	RoleType	Permission level to remove. If null all permission levels are removed
removeAllPermissionLevels	bool	Set to true to remove all permission level.
return	void

RemovePermissionLevelFromPrincipal() public static method

Removes a permission level from a user

public static RemovePermissionLevelFromPrincipal ( this securableObject, Principal principal, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
principal	Principal	Principal to remove permission from
roleDefinitionName	string	Name of the role definition to add, Full Control\|Design\|Contribute\|Read\|Approve\|Manage Heirarchy\|Restricted Read. Use the correct name of the language of the site you are using
removeAllPermissionLevels	bool	Set to true to remove all permission level.
return	void

RemovePermissionLevelFromUser() public static method

Removes a permission level from a user

public static RemovePermissionLevelFromUser ( this securableObject, string userLoginName, RoleType permissionLevel, bool removeAllPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
userLoginName	string	Loginname of user
permissionLevel	RoleType	Permission level to remove. If null all permission levels are removed
removeAllPermissionLevels	bool	Set to true to remove all permission level.
return	void

RemovePermissionLevelFromUser() public static method

Removes a permission level from a user

public static RemovePermissionLevelFromUser ( this securableObject, string userLoginName, string roleDefinitionName, bool removeAllPermissionLevels = false ) : void
securableObject	this	Web/List/Item to operate against
userLoginName	string	Loginname of user
roleDefinitionName	string	Name of the role definition to add, Full Control\|Design\|Contribute\|Read\|Approve\|Manage Heirarchy\|Restricted Read. Use the correct name of the language of the site you are using
removeAllPermissionLevels	bool	Set to true to remove all permission level.
return	void

RemoveUserFromGroup() public static method

Removes a user from a group

public static RemoveUserFromGroup ( this web, Group group, User user ) : void
web	this	Web to operate against
group	Group	Group object to operate against
user	User	User object that needs to be removed
return	void

RemoveUserFromGroup() public static method

Removes a user from a group

public static RemoveUserFromGroup ( this web, string groupName, string userLoginName ) : void
web	this	Web to operate against
groupName	string	Name of the group
userLoginName	string	Loginname of the user
return	void