How to Assign a Permission Level to a User Group in SharePoint Office 365 Programmatically using C# Client Side Object Model (CSOM)


Sathish Nadarajan
SharePoint MVP
Published On :   09 Apr 2017
Visit Count
Today :  1    Total :   965
Plan, Migrate, Secure, Report
SharePoint & Office 365 Tool. Simple & Easy to Use. 15-Day Trial!

Sharegate: Kick-Ass Tool
Think Your SharePoint & Office 365 Are Secure ? Find Out Now!


In the earlier article, we saw how to create a permission level. But, simply creating the Permission Level does not help us anywhere. We need to assign the Permission Level to any User or Group. That, we can see, how to do that programmatically using C# Client Side Object Model.

By default, the Permissions screen will be as shown below.

clip_image002

Now, let us modify the Permission Level of the “CommunitySite Owners” Group to the one which we created on the earlier article.

 namespace Console.Office365
 {
     using Microsoft.SharePoint.Client;
     using Microsoft.SharePoint.Client.Taxonomy;
     using Newtonsoft.Json.Linq;
     using OfficeDevPnP.Core.Entities;
     using System;
     using System.Collections.Generic;
     using System.IO;
     using System.Linq;
     using System.Reflection;
     using System.Threading.Tasks;
 
     class Program
     {
         static void Main(string[] args)
         {
             CreateCustomPermissionLevel();
            
         }
 
         public static void CreateCustomPermissionLevel()
         {
             OfficeDevPnP.Core.AuthenticationManager authMgr = new OfficeDevPnP.Core.AuthenticationManager();
 
             string siteUrl = "https://*********.sharepoint.com/sites/communitysite";
             string userName = "Sathish@*********.onmicrosoft.com";
             string password = "************";
 
 
             using (var clientContext = authMgr.GetSharePointOnlineAuthenticatedContextTenant(siteUrl, userName, password))
             {
                 Web web = clientContext.Web;
                 clientContext.Load(web);
                 clientContext.Load(web.AllProperties);
                 clientContext.Load(web.RoleDefinitions);
                 clientContext.ExecuteQueryRetry();
                 var roleDefinitions = web.RoleDefinitions;
 
                 // Get Owners Group and Remove the Permission Levels
                 var ownersGroupRoleAssignment = web.RoleAssignments.GetByPrincipal(clientContext.Web.AssociatedOwnerGroup);
                 ownersGroupRoleAssignment.RoleDefinitionBindings.RemoveAll();
                 ownersGroupRoleAssignment.Update();
                 clientContext.Load(ownersGroupRoleAssignment);
                 clientContext.ExecuteQuery();
 
                 // Get Full Control Role Definition
                 var customFullControlRoleDefinition = roleDefinitions.GetByName("MyPermissionLevelCreatedByCode");
                 clientContext.Load(customFullControlRoleDefinition);
                 clientContext.ExecuteQuery();
 
                 RoleDefinitionBindingCollection collRDB = new RoleDefinitionBindingCollection(clientContext);
                 collRDB.Add(roleDefinitions.GetByName("MyPermissionLevelCreatedByCode"));
 
                 // Bind the Newly Created Permission Level to Owners Group
                 web.RoleAssignments.Add(web.SiteGroups.GetById(ownersGroupRoleAssignment.PrincipalId), collRDB);
 
                 // Bind the Newly Created Permission Level to Owners Group
                 //ownersGroupRoleAssignment.RoleDefinitionBindings.Add(customFullControlRoleDefinition);
                 //ownersGroupRoleAssignment.Update();
 
                 clientContext.Load(ownersGroupRoleAssignment);
                 clientContext.ExecuteQuery();
 
             }
         }
 
         
     }
 }
 

After executing the above code, the User Group will be as shown below.

clip_image004

By this way, we can change any group Permission Level, User Permission Level, and control the security of the Site Collection while creating the Site Collection Itself. The same can be applicable for the subsites as well.

Happy Coding,

Sathish Nadarajan.

SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Categories

KWizCom Forms App