Create group, permission and assign it programmatically
Introduction
In this article I will describe that how to create Sharepoint group, permission and assign permission to group programmatically using feature.
This will use below terms:-
1. SPGroup: We wll create sharepoint group.
2. RoleDefinition: We will create custom permission.
3. RoleAssignment: Assign custom permission to group.
Solution Structure
The Code
We will create below feature.xml file and featurereceiver.cs file. Then rest is usual WSP deployment on sharepoint.
For: How to create WSP project and create basic feature, please go to below url and read details:-
http://sharepoint.infoyen.com/2012/04/22/feature-receiver-in-sharepoint/
http://sharepoint.infoyen.com/2012/04/01/create-webpart-in-sharepoint-2/
Feature.xml
You use this XML file to define the metadata for the new feature. The following example code scopes the feature at the level of the site and defines a unique identifier for the new feature.
1 2 3 4 5 6 7 8 9 10 11 | <Feature Id="write feature id here" Title="Custom Permissions" Description="This Custom Permissions of site owner." Version="12.0.0.0" Hidden="FALSE" Scope="Web" DefaultResourceFile="core" xmlns="http://schemas.microsoft.com/sharepoint/" ReceiverAssembly="Home.Project.Solution, Version=1.0.0.0, Culture=neutral, PublicKeyToken=05bbbd1c0f9a44ea" ReceiverClass="Home.Project.Solution.CustomPermision.FeatureReceiver" > </Feature> |
Feature Receiver Class:-
In this class; on feature activation, 1st we will create SPGroup, then SPRoleDefinition and in last we assign this SPRoleDefinition to SPGroup using SPRoleAssignment. please see below full code to understand in detail:-
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 | namespace Home.Project.Solution.CustomPermision { public class FeatureReceiver : SPFeatureReceiver { private const string PERMISSION_NAME = "CustomAccesss Owner"; string strPermName = string.Empty; public override void FeatureInstalled(SPFeatureReceiverProperties properties) { } public override void FeatureUninstalling(SPFeatureReceiverProperties properties) { } public override void FeatureActivated(SPFeatureReceiverProperties properties) { try { SPWeb web = null; web = (SPWeb)properties.Feature.Parent; strPermName = web.Title + " " + PERMISSION_NAME; bool IsRestrictedOwnerExist = false; SPRoleDefinitionCollection existingRoleDefinition = web.RoleDefinitions; foreach (SPRoleDefinition roleDef in existingRoleDefinition) { if (roleDef.Name == PERMISSION_NAME) IsRestrictedOwnerExist = true; } // If permission does not exist then create permission(SPRoleDefinition) if (!IsRestrictedOwnerExist) { // create a new restricted Owner role definition and set base permissions SPRoleDefinition restrictedOwnerRoleDefinition = new SPRoleDefinition() { Name = PERMISSION_NAME, Description = "Same as full control except 'Manage Permissions' and 'Create Groups'", BasePermissions = SPBasePermissions.ManageLists | SPBasePermissions.CancelCheckout | SPBasePermissions.AddListItems | SPBasePermissions.EditListItems | SPBasePermissions.DeleteListItems | SPBasePermissions.ViewListItems | SPBasePermissions.ApproveItems | SPBasePermissions.OpenItems | SPBasePermissions.ViewVersions | SPBasePermissions.DeleteVersions | SPBasePermissions.CreateAlerts | SPBasePermissions.ViewFormPages | SPBasePermissions.ViewUsageData | SPBasePermissions.ManageWeb | SPBasePermissions.AddAndCustomizePages | SPBasePermissions.ApplyThemeAndBorder | SPBasePermissions.ApplyStyleSheets | SPBasePermissions.BrowseDirectories | SPBasePermissions.CreateSSCSite | SPBasePermissions.ViewPages | SPBasePermissions.EnumeratePermissions | SPBasePermissions.BrowseUserInfo | SPBasePermissions.ManageAlerts | SPBasePermissions.UseRemoteAPIs | SPBasePermissions.UseClientIntegration | SPBasePermissions.Open | SPBasePermissions.EditMyUserInfo | SPBasePermissions.ManagePersonalViews | SPBasePermissions.AddDelPrivateWebParts | SPBasePermissions.UpdatePersonalWebParts }; web.RoleDefinitions.Add(restrictedOwnerRoleDefinition); web.Update(); } //use the web owner group as the owner for this new group SPMember siteOwner = web.Site.RootWeb.SiteAdministrators[0]; web.SiteGroups.Add(strPermName, siteOwner, null, "Custom SharePoint Group for CustomAccess Owner"); //retrieve the newly added group to set roles for it SPGroup wcmGroup = web.SiteGroups[strPermName]; //get the designer role definition to assign to our custom group SPRoleDefinition customRoleDefinition = web.RoleDefinitions[PERMISSION_NAME]; //assign CustomAccess Owner role to our custom group at the web level SPRoleAssignment roleAssignment = new SPRoleAssignment(wcmGroup); roleAssignment.RoleDefinitionBindings.Add(customRoleDefinition); web.RoleAssignments.Add(roleAssignment); wcmGroup.Update(); web.Update(); } catch (Exception) { throw new SPException(string.Format("Error adding custom access permissions.")); } } public override void FeatureDeactivating(SPFeatureReceiverProperties properties) { } } } |
Thanks!
Avinash
June 24, 2012
В· 
Infoyen В· 
No Comments
Tags: MOSS, SharePoint В· Posted in: MOSS, Security, SharePoint
Leave a Reply