none
Is it possible to change document permission programmatically in a document library?

    Question

  •  

    Hi,

    we have a requirement to limit what users see in a document library based on a specific column (e.g product). it seems there is no OOB way of doing it. thinking about changing the permission level for "ItemAdded" event recevier.is this possible? How to get the permission context and update it for an item? Appreciate it if any one can point a direction. Thanks so much.

    Monday, June 09, 2008 1:21 PM

Answers

  •  

    Hi ,

     

    You are right, We need to use event recievers to set the item or file permissions programatically.

     

    Use the following code, to set the permissions:

     

    class ChangeItemPermissions:SPItemEventReceiver

    {

    public override void ItemAdded(SPItemEventProperties properties)

    {

    SPListItem listitem = properties.ListItem;

    SPWeb web = properties.OpenWeb();

    SPRoleAssignment roleassignment;

     

    if (listitem.HasUniqueRoleAssignments)

    {

    listitem.ResetRoleInheritance();

    listitem.BreakRoleInheritance(false);

    }

    else

    {

    listitem.BreakRoleInheritance(false);

    }

     

    SPRoleDefinitionCollection webroledefinitions = web.RoleDefinitions;

     

    //Adding groups to item

    SPGroup group = web.SiteGroups["Viewers"];

    roleassignment = new SPRoleAssignment(group);

    roleassignment.RoleDefinitionBindings.Add(webroledefinitions["Contribute"]);

    listitem.RoleAssignments.Add(roleassignment);

     

    //Adding users to item

    SPUser user = web.SiteUsers["servername\\userloginID"];

    roleassignment = new SPRoleAssignment(user);

    roleassignment.RoleDefinitionBindings.Add(webroledefinitions["Read"]);

    listitem.RoleAssignments.Add(roleassignment);

    }

    }

     

     

    Monday, June 09, 2008 2:14 PM

All replies

  •  

    Hi ,

     

    You are right, We need to use event recievers to set the item or file permissions programatically.

     

    Use the following code, to set the permissions:

     

    class ChangeItemPermissions:SPItemEventReceiver

    {

    public override void ItemAdded(SPItemEventProperties properties)

    {

    SPListItem listitem = properties.ListItem;

    SPWeb web = properties.OpenWeb();

    SPRoleAssignment roleassignment;

     

    if (listitem.HasUniqueRoleAssignments)

    {

    listitem.ResetRoleInheritance();

    listitem.BreakRoleInheritance(false);

    }

    else

    {

    listitem.BreakRoleInheritance(false);

    }

     

    SPRoleDefinitionCollection webroledefinitions = web.RoleDefinitions;

     

    //Adding groups to item

    SPGroup group = web.SiteGroups["Viewers"];

    roleassignment = new SPRoleAssignment(group);

    roleassignment.RoleDefinitionBindings.Add(webroledefinitions["Contribute"]);

    listitem.RoleAssignments.Add(roleassignment);

     

    //Adding users to item

    SPUser user = web.SiteUsers["servername\\userloginID"];

    roleassignment = new SPRoleAssignment(user);

    roleassignment.RoleDefinitionBindings.Add(webroledefinitions["Read"]);

    listitem.RoleAssignments.Add(roleassignment);

    }

    }

     

     

    Monday, June 09, 2008 2:14 PM
  • thank you!!

     

    Monday, June 09, 2008 2:37 PM
  •  

    One thing to remember is that the code runs with the same security permissions as the user that adds the document to the library.  If that person does not have permissions to set security on the document being added then you will get an error.

     

    There are a few different ways to elevate permissions for a short period of time in order to overcome any permission issues.

    Monday, June 09, 2008 5:45 PM
  • would you please elabrate a little on ways to elevate permissions? Thanks.

     

    Monday, June 09, 2008 7:53 PM
  • Hi Man i did your code and set premission for test1 but my system account has been add to my list.

    can you help me?

    Wednesday, June 11, 2008 1:54 PM