locked
Breaking item level permissions RRS feed

  • Question

  • hi team,

    I need to break item level permissions on a document library for the current user + the admin group.

    i.e. the users will be able to see and edit only their docs; the admins will have full control.

    For this I am using the below code:

    item.File.CheckOut();
    
    item.BreakRoleInheritance(false);
    
    SPRoleDefinitionCollection webroledefinitions = oWeb.RoleDefinitions;
                                        
    SPRoleAssignment roleassignment = new SPRoleAssignment(currentUser);
                                        
    roleassignment.RoleDefinitionBindings.Add(webroledefinitions["Contribute"]);
                                        
    item.RoleAssignments.Add(roleassignment);

    Now, after doing this for all the existing files in the library, I found that the admin group users are not able to see ALL files in library.

    Please suggest if I need to repeat the above code for the group as well ?

    I tried that as well by changing SPRoleAssignment (may be wrong):

    SPRoleAssignment roleassignment2 = new SPRoleAssignment((SPPrincipal)admingrp);
                                        
    roleassignment.RoleDefinitionBindings.Add(webroledefinitions["Full Control"]);
                                        
    item.RoleAssignments.Add(roleassignment2);

    but I get exception on adding: Cannot add a role assignment with empty role definition binding collection.

    Please suggest. Thanks.


    Regards, Nayan

    Friday, August 7, 2015 9:16 AM

Answers

  • Can we just try with the below code first and then proceed with the second role assignment?

    SPRoleDefinition roleDef = oWeb.RoleDefinitions.GetByType(SPRoleType.Administrator);
                                     
    SPRoleAssignment roleassignment = new SPRoleAssignment(currentUser);
                                        
    roleassignment.RoleDefinitionBindings.Add(roleDef);
                                        
    item.RoleAssignments.Add(roleassignment);

    • Marked as answer by Nayan N Sunday, August 9, 2015 11:59 AM
    Friday, August 7, 2015 11:08 AM
  • I am sorry friends its my mistake basically :( :(

    my code works fine if I use correct SPRoleAssignment object.

    Sorry again to bother everyone!


    Regards, Nayan

    Friday, August 7, 2015 11:28 AM

All replies

  • Hello Nayan,

    If custom coding is not mandatory than You can achieve this by creating two different  Document Library view,one  with filter 'Created by or Modified By' and second for admin 'All Document' View.

    Vishal Goyal



    • Edited by Vishal_Goyal Friday, August 7, 2015 9:35 AM
    • Proposed as answer by Vishal_Goyal Saturday, August 8, 2015 1:28 PM
    • Unproposed as answer by Nayan N Sunday, August 9, 2015 11:59 AM
    Friday, August 7, 2015 9:35 AM
  • To break, you can write SharePoint designer based workflow, that will save your time to write codebase.

    Regards,
    Rupesh Singh
    -------------------------------------------------------------
    Please don't forget to mark it as answered, if your problem resolved or helpful.

    • Proposed as answer by Vishal_Goyal Saturday, August 8, 2015 1:28 PM
    Friday, August 7, 2015 9:42 AM
  • Hi Nayan,

    Can you please try the below piece of code?

    roleAssignment.RoleDefinitionBindings.Add(web.RoleDefinitions.GetByType(SPRoleType.Administrator));

    Friday, August 7, 2015 9:42 AM
  • Hi Nayana Pai,

    I tried replacing this code, it still gives the same exception: Cannot add a role assignment with empty role definition binding collection.

    Regards,

    Nayan


    Regards, Nayan

    Friday, August 7, 2015 10:19 AM
  • Can we just try with the below code first and then proceed with the second role assignment?

    SPRoleDefinition roleDef = oWeb.RoleDefinitions.GetByType(SPRoleType.Administrator);
                                     
    SPRoleAssignment roleassignment = new SPRoleAssignment(currentUser);
                                        
    roleassignment.RoleDefinitionBindings.Add(roleDef);
                                        
    item.RoleAssignments.Add(roleassignment);

    • Marked as answer by Nayan N Sunday, August 9, 2015 11:59 AM
    Friday, August 7, 2015 11:08 AM
  • I am sorry friends its my mistake basically :( :(

    my code works fine if I use correct SPRoleAssignment object.

    Sorry again to bother everyone!


    Regards, Nayan

    Friday, August 7, 2015 11:28 AM