This manager class holds security related methods
public static class SecurityExtensions : objectAdd a site collection administrator to a site collection
public static void AddAdministrators(this Web web, List<UserEntity> adminLogins, bool addToOwnersGroup = false)|
Web
web
Site to operate on |
|
List<UserEntity>
adminLogins
Array of admins loginnames to add |
|
System.Boolean
addToOwnersGroup
Optionally the added admins can also be added to the Site owners group |
Adds a group
public static Group AddGroup(this Web web, string groupName, string groupDescription, bool groupIsOwner, bool updateAndExecuteQuery = true, bool onlyAllowMembersViewMembership = false)|
Web
web
Site to add the group to |
|
System.String
groupName
Name of the group |
|
System.String
groupDescription
Description of the group |
|
System.Boolean
groupIsOwner
Sets the created group as group owner if true |
|
System.Boolean
updateAndExecuteQuery
Set to false to postpone the executequery call |
|
System.Boolean
onlyAllowMembersViewMembership
Set whether members are allowed to see group membership, defaults to false |
|
Group
The created group |
Add a permission level (e.g.Contribute, Reader,...) to a group
public static void AddPermissionLevelToGroup(this SecurableObject securableObject, string groupName, RoleType permissionLevel, bool removeExistingPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
System.String
groupName
Name of the group |
|
RoleType
permissionLevel
Permission level to add |
|
System.Boolean
removeExistingPermissionLevels
Set to true to remove all other permission levels for that group |
Add a role definition (e.g.Contribute, Read, Approve) to a group
public static void AddPermissionLevelToGroup(this SecurableObject securableObject, string groupName, string roleDefinitionName, bool removeExistingPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
System.String
groupName
Name of the group |
|
System.String
roleDefinitionName
Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Hierarchy|Restricted Read. Use the correct name of the language of the root site you are using |
|
System.Boolean
removeExistingPermissionLevels
Set to true to remove all other permission levels for that group |
Add a permission level (e.g.Contribute, Reader,...) to a group
public static void AddPermissionLevelToPrincipal(this SecurableObject securableObject, Principal principal, RoleType permissionLevel, bool removeExistingPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
Principal
principal
Principal to add permission to |
|
RoleType
permissionLevel
Permission level to add |
|
System.Boolean
removeExistingPermissionLevels
Set to true to remove all other permission levels for that group |
Add a role definition (e.g.Contribute, Read, Approve) to a group
public static void AddPermissionLevelToPrincipal(this SecurableObject securableObject, Principal principal, string roleDefinitionName, bool removeExistingPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
Principal
principal
Principal to add permission to |
|
System.String
roleDefinitionName
Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Hierarchy|Restricted Read. Use the correct name of the language of the root site you are using |
|
System.Boolean
removeExistingPermissionLevels
Set to true to remove all other permission levels for that group |
Add a permission level (e.g.Contribute, Reader,...) to a user
public static void AddPermissionLevelToUser(this SecurableObject securableObject, string userLoginName, RoleType permissionLevel, bool removeExistingPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
System.String
userLoginName
Loginname of the user |
|
RoleType
permissionLevel
Permission level to add |
|
System.Boolean
removeExistingPermissionLevels
Set to true to remove all other permission levels for that user |
Add a role definition (e.g.Contribute, Read, Approve) to a user
public static void AddPermissionLevelToUser(this SecurableObject securableObject, string userLoginName, string roleDefinitionName, bool removeExistingPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
System.String
userLoginName
Loginname of the user |
|
System.String
roleDefinitionName
Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Hierarchy|Restricted Read. Use the correct name of the language of the root site you are using |
|
System.Boolean
removeExistingPermissionLevels
Set to true to remove all other permission levels for that user |
Add read access to the group "Everyone except external users".
public static User AddReaderAccess(this Web web)|
Web
web
Site to be processed - can be root web or sub site |
|
User
|
Add read access to the group "Everyone except external users".
public static User AddReaderAccess(this Web web, BuiltInIdentity user)|
Web
web
Site to be processed - can be root web or sub site |
|
BuiltInIdentity
user
Built in user to add to the visitors group |
|
User
|
Adds a user to a group
public static void AddUserToGroup(this Web web, Group group, string userLoginName)|
Web
web
Web to operate against |
|
Group
group
Group object representing the group |
|
System.String
userLoginName
Login name of the user |
Adds a user to a group
public static void AddUserToGroup(this Web web, Group group, User user)|
Web
web
Web to operate against |
|
Group
group
Group object representing the group |
|
User
user
User object representing the user |
Adds a user to a group
public static void AddUserToGroup(this Web web, int groupId, string userLoginName)|
Web
web
web to operate against |
|
System.Int32
groupId
Id of the group |
|
System.String
userLoginName
Login name of the user |
Adds a user to a group
public static void AddUserToGroup(this Web web, string groupName, string userLoginName)|
Web
web
web to operate against |
|
System.String
groupName
Name of the group |
|
System.String
userLoginName
Loginname of the user |
Associate the provided groups as default owners, members or visitors groups. If a group is null then the association is not done
public static void AssociateDefaultGroups(this Web web, Group owners, Group members, Group visitors)|
Web
web
Site to operate on |
|
Group
owners
Owners group |
|
Group
members
Members group |
|
Group
visitors
Visitors group |
Get a list of site collection administrators
public static List<UserEntity> GetAdministrators(this Web web)|
Web
web
Site to operate on |
|
List<UserEntity>
List of UserEntity objects |
Get all unique role assignments for a web object and all its descendents down to document or list item level.
public static IEnumerable<RoleAssignmentEntity> GetAllUniqueRoleAssignments(this Web web, int leafBreadthLimit = null)|
Web
web
The current web object to be processed. |
|
System.Int32
leafBreadthLimit
Skip further visiting on this branch if the number of child items or documents with unique role assignments exceeded leafBreadthLimit. When setting to 0, the process will stop at list / document library level. |
|
IEnumerable<RoleAssignmentEntity>
Returns all role assignments |
Returns the authentication realm for the current web
public static Guid GetAuthenticationRealm(this Web web)|
Web
web
The Current site |
|
Guid
Returns Realm in Guid |
Returns the correct value of the "Everyone except external users" string value
public static string GetEveryoneExceptExternalUsersClaimName(this Web web)|
Web
web
Web to get the language from |
|
System.String
String in correct translation |
Returns a list all external users for a given site that have at least the viewpages permission
public static List<ExternalUserEntity> GetExternalUsersForSiteTenant(this Web web, Uri siteUrl)|
Web
web
Tenant administration web |
|
Uri
siteUrl
Url of the site fetch the external users for |
|
List<ExternalUserEntity>
A list of ExternalUserEntity objects |
Returns a list all external users in your tenant
public static List<ExternalUserEntity> GetExternalUsersTenant(this Web web)|
Web
web
Tenant administration web |
|
List<ExternalUserEntity>
A list of ExternalUserEntity objects |
Returns the integer ID for a given group name
public static int GetGroupID(this Web web, string groupName)|
Web
web
Site to be processed - can be root web or sub site |
|
System.String
groupName
SharePoint group name |
|
System.Int32
Integer group ID |
Get all unique role assignments for a user or a group in a web object and all its descendents down to document or list item level.
public static IEnumerable<RoleAssignmentEntity> GetPrincipalUniqueRoleAssignments(this Web web, Principal principal, int leafBreadthLimit = null)|
Web
web
The current web object to be processed. |
|
Principal
principal
The current web object to be processed. |
|
System.Int32
leafBreadthLimit
Skip further visiting on this branch if the number of child items or documents with unique role assignments exceeded leafBreadthLimit. When setting to 0, the process will stop at list / document library level. |
|
IEnumerable<RoleAssignmentEntity>
Returns all role assignments |
Get the external sharing settings for the provided site. Only works in Office 365 Multi-Tenant
public static string GetSharingCapabilitiesTenant(this Web web, Uri siteUrl)|
Web
web
Tenant administration web |
|
Uri
siteUrl
Site to get the sharing capabilities from |
|
System.String
Sharing capabilities of the site collection |
Checks if a group exists
public static bool GroupExists(this Web web, string groupName)|
Web
web
Web to operate against |
|
System.String
groupName
Name of the group |
|
System.Boolean
True if the group exists, false otherwise |
Checks if a user is member of a group
public static bool IsUserInGroup(this Web web, string groupName, string userLoginName)|
Web
web
Web to operate against |
|
System.String
groupName
Name of the group |
|
System.String
userLoginName
Loginname of the user |
|
System.Boolean
True if the user is in the group, false otherwise |
Removes an administrators from the site collection
public static void RemoveAdministrator(this Web web, UserEntity admin)|
Web
web
Site to operate on |
|
UserEntity
admin
UserEntity that describes the admin to be removed |
Remove a group
public static void RemoveGroup(this Web web, Group group)|
Web
web
Web to operate against |
|
Group
group
Group object to remove |
Remove a group
public static void RemoveGroup(this Web web, string groupName)|
Web
web
Web to operate against |
|
System.String
groupName
Name of the group |
Removes a permission level from a group
public static void RemovePermissionLevelFromGroup(this SecurableObject securableObject, string groupName, RoleType permissionLevel, bool removeAllPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
System.String
groupName
name of the group |
|
RoleType
permissionLevel
Permission level to remove. If null all permission levels are removed |
|
System.Boolean
removeAllPermissionLevels
Set to true to remove all permission level. |
Removes a permission level from a group
public static void RemovePermissionLevelFromGroup(this SecurableObject securableObject, string groupName, string roleDefinitionName, bool removeAllPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
System.String
groupName
name of the group |
|
System.String
roleDefinitionName
Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Heirarchy|Restricted Read. Use the correct name of the language of the site you are using |
|
System.Boolean
removeAllPermissionLevels
Set to true to remove all permission level. |
Removes a permission level from a user
public static void RemovePermissionLevelFromPrincipal(this SecurableObject securableObject, Principal principal, RoleType permissionLevel, bool removeAllPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
Principal
principal
Principal to remove permission from |
|
RoleType
permissionLevel
Permission level to remove. If null all permission levels are removed |
|
System.Boolean
removeAllPermissionLevels
Set to true to remove all permission level. |
Removes a permission level from a user
public static void RemovePermissionLevelFromPrincipal(this SecurableObject securableObject, Principal principal, string roleDefinitionName, bool removeAllPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
Principal
principal
Principal to remove permission from |
|
System.String
roleDefinitionName
Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Heirarchy|Restricted Read. Use the correct name of the language of the site you are using |
|
System.Boolean
removeAllPermissionLevels
Set to true to remove all permission level. |
Removes a permission level from a user
public static void RemovePermissionLevelFromUser(this SecurableObject securableObject, string userLoginName, RoleType permissionLevel, bool removeAllPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
System.String
userLoginName
Loginname of user |
|
RoleType
permissionLevel
Permission level to remove. If null all permission levels are removed |
|
System.Boolean
removeAllPermissionLevels
Set to true to remove all permission level. |
Removes a permission level from a user
public static void RemovePermissionLevelFromUser(this SecurableObject securableObject, string userLoginName, string roleDefinitionName, bool removeAllPermissionLevels = false)|
SecurableObject
securableObject
Web/List/Item to operate against |
|
System.String
userLoginName
Loginname of user |
|
System.String
roleDefinitionName
Name of the role definition to add, Full Control|Design|Contribute|Read|Approve|Manage Heirarchy|Restricted Read. Use the correct name of the language of the site you are using |
|
System.Boolean
removeAllPermissionLevels
Set to true to remove all permission level. |
Removes a user from a group
public static void RemoveUserFromGroup(this Web web, Group group, User user)|
Web
web
Web to operate against |
|
Group
group
Group object to operate against |
|
User
user
User object that needs to be removed |
Removes a user from a group
public static void RemoveUserFromGroup(this Web web, string groupName, string userLoginName)|
Web
web
Web to operate against |
|
System.String
groupName
Name of the group |
|
System.String
userLoginName
Loginname of the user |