Monday, January 4, 2016

SharePoint Item Level Permissions

There can be situations when you have to provide item level permissions to one of the user on a list with hundred of items.

This can be quite tedious with the manual approach so obviously Powershell will be the saver here :)

Sharing the script that will add itemlevel permissions:

Input ot the script :

$site  = "http://spsharepoint/sites/nworkflow" #Site collection Url

$listname = "Authorization List" #List Name on the url

$userid = "Lab\sakiv" # User id for which item level permissions will be provided

$permissionLevel = "Read" # permissions

I was in a similar situation so created this script that reduced lot of effort.

Download the script from above & use it on sharepoint server as sharepoint management shell is required.

I have tested it with farm privileges only..(Sharepoint 2010)

Script can also be downloaded from below link:

https://gallery.technet.microsoft.com/scriptcenter/SharePoint-Item-Level-f794c964


#################################################################### 
#            Author: Vikas Sukhija 
#            Date: 07/10/2015 
#            Description : Provide item level permissions 
#            on Sharepoint List 
# 
#################################################################### 
 
########################ADD SP Shell ############################# 
 
If ((Get-PSSnapin | where {$_.Name -match "SharePoint.Powershell"}) -eq $null

    Add-PSSnapin Microsoft.SharePoint.Powershell 

 
############################Define Variables ################## 
 
$site  = "http://spsharepoint/sites/nworkflow" 
$listname = "Authorization List" 
$userid = "Lab\sakiv" 
$permissionLevel = "Read" 
 
#####Get list items & role defs ##### 
 
$web = get-spweb $site 
$list = $web.lists[$listname
$items = $list.items 
$permission = $web.RoleDefinitions[$permissionLevel
$user = $web.siteusers[$userid
 
####apply individual permissions ##### 
 
$items | foreach-object{ 
 
if ($_.HasUniqueRoleAssignments -eq $True){ 
 
$idstring = $_.ID.tostring() 
 
Write-host ""item Number********" + $idstring" -foregroundcolor green 
 
$permlevels = $_.RoleAssignments 
 
$roles = $permlevels |select -expandproperty RoleDefinitionBindings 
$rolescollect=$null;$rolescollect=@(); 
$roles | foreach-object{ $rolescollect +$_.Name} 
 
 
$permlevel = $permlevels | where {$_.Member.Name -eq $user.Name} 
 
    if (($permlevel -eq $NULL-and ($rolescollect -notcontains "$permissionLevel"))  { 
 
    $setp = new-object Microsoft.SharePoint.SPRoleAssignment($user
     $setp.RoleDefinitionBindings.add($permission)  
    $permlevels.add($setp
    Write-host "$permissionLevel added to $userid on $idstring" -foregroundcolor blue 
    } 
 
    elseif (($permlevel -eq $NULL-and ($rolescollect -contains "$permissionLevel")) { 
 
    $setp = new-object Microsoft.SharePoint.SPRoleAssignment($user
     $setp.RoleDefinitionBindings.add($permission
    $permlevels.Add($setp
    Write-host "updated permission $permissionlevel for $userid on $idstring" -foregroundcolor magenta 
    } 
 
 

 

$web.Dispose() 
 
##################################################################




Regards

Sukhija Vikas

http://msexchange.me

No comments:

Post a Comment