This manager class holds security related methods
public static class SecurityExtensions : objectAdd a site collection administrator to a site collection
public static void AddAdministrators(this Web web, List<UserEntity> adminLogins, bool addToOwnersGroup = false)|
Web
web
Site to operate on |
|
List<User Array of admins loginnames to add |
|
System. Optionally the added admins can also be added to the Site owners group |
Adds a group
public static Group AddGroup(this Web web, string groupName, string groupDescription, bool groupIsOwner, bool updateAndExecuteQuery = true, bool onlyAllowMembersViewMembership = false)|
Web
web
Site to add the group to |
|
System. Name of the group |
|
System. Description of the group |
|
System. Sets the created group as group owner if true |
|
System. Set to false to postpone the executequery call |
|
System. Set whether members are allowed to see group membership, defaults to false |
|
Group
The created group |
Add a permission level (e.g.Contribute, Reader,...) to a group
public static void AddPermissionLevelToGroup(this SecurableObject securableObject, string groupName, RoleType permissionLevel, bool removeExistingPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
System. Name of the group |
|
Role Permission level to add |
|
System. Set to true to remove all other permission levels for that group |
Add a role definition (e.g.Contribute, Read, Approve) to a group
public static void AddPermissionLevelToGroup(this SecurableObject securableObject, string groupName, string roleDefinitionName, bool removeExistingPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
System. Name of the group |
|
System. Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Hierarchy|Restricted Read. Use the correct name of the language of the root site you are using |
|
System. Set to true to remove all other permission levels for that group |
Add a permission level (e.g.Contribute, Reader,...) to a group
public static void AddPermissionLevelToPrincipal(this SecurableObject securableObject, Principal principal, RoleType permissionLevel, bool removeExistingPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
Principal
principal
Principal to add permission to |
|
Role Permission level to add |
|
System. Set to true to remove all other permission levels for that group |
Add a role definition (e.g.Contribute, Read, Approve) to a group
public static void AddPermissionLevelToPrincipal(this SecurableObject securableObject, Principal principal, string roleDefinitionName, bool removeExistingPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
Principal
principal
Principal to add permission to |
|
System. Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Hierarchy|Restricted Read. Use the correct name of the language of the root site you are using |
|
System. Set to true to remove all other permission levels for that group |
Add a permission level (e.g.Contribute, Reader,...) to a user
public static void AddPermissionLevelToUser(this SecurableObject securableObject, string userLoginName, RoleType permissionLevel, bool removeExistingPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
System. Loginname of the user |
|
Role Permission level to add |
|
System. Set to true to remove all other permission levels for that user |
Add a role definition (e.g.Contribute, Read, Approve) to a user
public static void AddPermissionLevelToUser(this SecurableObject securableObject, string userLoginName, string roleDefinitionName, bool removeExistingPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
System. Loginname of the user |
|
System. Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Hierarchy|Restricted Read. Use the correct name of the language of the root site you are using |
|
System. Set to true to remove all other permission levels for that user |
Add read access to the group "Everyone except external users".
public static User AddReaderAccess(this Web web)|
Web
web
Site to be processed - can be root web or sub site |
|
User
|
Add read access to the group "Everyone except external users".
public static User AddReaderAccess(this Web web, BuiltInIdentity user)|
Web
web
Site to be processed - can be root web or sub site |
|
Built Built in user to add to the visitors group |
|
User
|
Adds a user to a group
public static void AddUserToGroup(this Web web, Group group, string userLoginName)|
Web
web
Web to operate against |
|
Group
group
Group object representing the group |
|
System. Login name of the user |
Adds a user to a group
public static void AddUserToGroup(this Web web, Group group, User user)|
Web
web
Web to operate against |
|
Group
group
Group object representing the group |
|
User
user
User object representing the user |
Adds a user to a group
public static void AddUserToGroup(this Web web, int groupId, string userLoginName)|
Web
web
web to operate against |
|
System. Id of the group |
|
System. Login name of the user |
Adds a user to a group
public static void AddUserToGroup(this Web web, string groupName, string userLoginName)|
Web
web
web to operate against |
|
System. Name of the group |
|
System. Loginname of the user |
Associate the provided groups as default owners, members or visitors groups. If a group is null then the association is not done
public static void AssociateDefaultGroups(this Web web, Group owners, Group members, Group visitors)|
Web
web
Site to operate on |
|
Group
owners
Owners group |
|
Group
members
Members group |
|
Group
visitors
Visitors group |
Get a list of site collection administrators
public static List<UserEntity> GetAdministrators(this Web web)|
Web
web
Site to operate on |
|
List<User List of User |
Get all unique role assignments for a web object and all its descendents down to document or list item level.
public static IEnumerable<RoleAssignmentEntity> GetAllUniqueRoleAssignments(this Web web, int leafBreadthLimit = null)|
Web
web
The current web object to be processed. |
|
System. Skip further visiting on this branch if the number of child items or documents with unique role assignments exceeded leafBreadthLimit. When setting to 0, the process will stop at list / document library level. |
|
IEnumerable<Role Returns all role assignments |
Returns the authentication realm for the current web
public static Guid GetAuthenticationRealm(this Web web)|
Web
web
The Current site |
|
Guid
Returns Realm in Guid |
Returns the correct value of the "Everyone except external users" string value
public static string GetEveryoneExceptExternalUsersClaimName(this Web web)|
Web
web
Web to get the language from |
|
System. String in correct translation |
Returns a list all external users for a given site that have at least the viewpages permission
public static List<ExternalUserEntity> GetExternalUsersForSiteTenant(this Web web, Uri siteUrl)|
Web
web
Tenant administration web |
|
Uri
siteUrl
Url of the site fetch the external users for |
|
List<External A list of External |
Returns a list all external users in your tenant
public static List<ExternalUserEntity> GetExternalUsersTenant(this Web web)|
Web
web
Tenant administration web |
|
List<External A list of External |
Returns the integer ID for a given group name
public static int GetGroupID(this Web web, string groupName)|
Web
web
Site to be processed - can be root web or sub site |
|
System. SharePoint group name |
|
System. Integer group ID |
Get all unique role assignments for a user or a group in a web object and all its descendents down to document or list item level.
public static IEnumerable<RoleAssignmentEntity> GetPrincipalUniqueRoleAssignments(this Web web, Principal principal, int leafBreadthLimit = null)|
Web
web
The current web object to be processed. |
|
Principal
principal
The current web object to be processed. |
|
System. Skip further visiting on this branch if the number of child items or documents with unique role assignments exceeded leafBreadthLimit. When setting to 0, the process will stop at list / document library level. |
|
IEnumerable<Role Returns all role assignments |
Get the external sharing settings for the provided site. Only works in Office 365 Multi-Tenant
public static string GetSharingCapabilitiesTenant(this Web web, Uri siteUrl)|
Web
web
Tenant administration web |
|
Uri
siteUrl
Site to get the sharing capabilities from |
|
System. Sharing capabilities of the site collection |
Checks if a group exists
public static bool GroupExists(this Web web, string groupName)|
Web
web
Web to operate against |
|
System. Name of the group |
|
System. True if the group exists, false otherwise |
Checks if a user is member of a group
public static bool IsUserInGroup(this Web web, string groupName, string userLoginName)|
Web
web
Web to operate against |
|
System. Name of the group |
|
System. Loginname of the user |
|
System. True if the user is in the group, false otherwise |
Removes an administrators from the site collection
public static void RemoveAdministrator(this Web web, UserEntity admin)|
Web
web
Site to operate on |
|
User User |
Remove a group
public static void RemoveGroup(this Web web, Group group)|
Web
web
Web to operate against |
|
Group
group
Group object to remove |
Remove a group
public static void RemoveGroup(this Web web, string groupName)|
Web
web
Web to operate against |
|
System. Name of the group |
Removes a permission level from a group
public static void RemovePermissionLevelFromGroup(this SecurableObject securableObject, string groupName, RoleType permissionLevel, bool removeAllPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
System. name of the group |
|
Role Permission level to remove. If null all permission levels are removed |
|
System. Set to true to remove all permission level. |
Removes a permission level from a group
public static void RemovePermissionLevelFromGroup(this SecurableObject securableObject, string groupName, string roleDefinitionName, bool removeAllPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
System. name of the group |
|
System. Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Heirarchy|Restricted Read. Use the correct name of the language of the site you are using |
|
System. Set to true to remove all permission level. |
Removes a permission level from a user
public static void RemovePermissionLevelFromPrincipal(this SecurableObject securableObject, Principal principal, RoleType permissionLevel, bool removeAllPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
Principal
principal
Principal to remove permission from |
|
Role Permission level to remove. If null all permission levels are removed |
|
System. Set to true to remove all permission level. |
Removes a permission level from a user
public static void RemovePermissionLevelFromPrincipal(this SecurableObject securableObject, Principal principal, string roleDefinitionName, bool removeAllPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
Principal
principal
Principal to remove permission from |
|
System. Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Heirarchy|Restricted Read. Use the correct name of the language of the site you are using |
|
System. Set to true to remove all permission level. |
Removes a permission level from a user
public static void RemovePermissionLevelFromUser(this SecurableObject securableObject, string userLoginName, RoleType permissionLevel, bool removeAllPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
System. Loginname of user |
|
Role Permission level to remove. If null all permission levels are removed |
|
System. Set to true to remove all permission level. |
Removes a permission level from a user
public static void RemovePermissionLevelFromUser(this SecurableObject securableObject, string userLoginName, string roleDefinitionName, bool removeAllPermissionLevels = false)|
Securable Web/List/Item to operate against |
|
System. Loginname of user |
|
System. Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Heirarchy|Restricted Read. Use the correct name of the language of the site you are using |
|
System. Set to true to remove all permission level. |
Removes a user from a group
public static void RemoveUserFromGroup(this Web web, Group group, User user)|
Web
web
Web to operate against |
|
Group
group
Group object to operate against |
|
User
user
User object that needs to be removed |
Removes a user from a group
public static void RemoveUserFromGroup(this Web web, string groupName, string userLoginName)|
Web
web
Web to operate against |
|
System. Name of the group |
|
System. Loginname of the user |