Break Permissions Item Level / Custom Permissions at item level
Blow
PowerShell script will retain list permission and give unique permissions atitem level.
We had a requirement to break all item level permissions and remove all the Groups and individual permissions at the item level and Add Owners group and Approvers group to all items and also it should retain the permissions of item created by.
At the item level it will delete the all inherited Groups from List and Add specific groups to each
item name called " Owners" with "Full Control " and "Approvers" with "Design" Permissions.
clear
asnp "*sh*"
$web=Get-SPWeb -Identity
"http://weshare.sedwdev.local/sites/teste"
Write-Host "
Author is " $web.Author.DisplayName
$list=$web.Lists.TryGetList("SourceList")
foreach($item
in $list.Items)
{
if(!$item.HasUniqueRoleAssignments)
{
$item.BreakRoleInheritance($false)
for($i=0 ; $i -lt $item.RoleAssignments.Count;$i++)
{
if(!$item["Created
By"])
{
$item.RoleAssignments.remove($i)
$item.Title + "permissions Removed "
} }
foreach( $grp in $web.Groups)
{
if ($grp.Name -match "teste Owners")
{
$rolAsgnmt=New-Object Microsoft.SharePoint.SPRoleAssignment($grp);
$roldef=$web.RoleDefinitions["Full Control"]
$rolAsgnmt.RoleDefinitionBindings.Add($roldef);
$item.RoleAssignments.Add($rolAsgnmt);
" Item
title is "+ $item.Title + " Group Added
is " + $grp.Name
$item.Update();
}
elseif
($grp.Name
-match "Approvers")
{
$rolAsgnmt1=New-Object Microsoft.SharePoint.SPRoleAssignment($grp);
$roldef1=$web.RoleDefinitions["Design"]
$rolAsgnmt1.RoleDefinitionBindings.Add($roldef1);
$item.RoleAssignments.Add($rolAsgnmt1);
" Item
title is "+ $item.Title + " Group Added
is " + $grp.Name
$item.Update();
}
}
}
}
OutPut:
No comments:
Post a Comment