Export (0) Print
Expand All

How to: Work with Roles

SharePoint 2010

Last modified: April 30, 2011

Applies to: SharePoint Foundation 2010

In this article
Creating a role definition
Assigning a user to a role on a Web site
Creating a SharePoint group and adding the group to a role

Available in SharePoint Online

Through the client object model, you can create custom role definitions within site collections, and you can assign new or existing users and groups to specific roles for Web sites, lists, and list items. Similar to the way you use the SPRoleDefinitionBindingCollection class in the server object model, you add a user or group, together with a RoleDefinitionBindingCollection object, to the collection of role assignments for a specific object.

To create a role definition in the collection of role definitions for a site collection, use the BasePermissions class (JavaScript: BasePermissions) to define a permission set, use the RoleDefinitionCreationInformation class (JavaScript: RoleDefinitionCreationInformation) to define a role that includes the permission set, and then add the new role to the collection of role definitions. The following example shows how to create a role for creating and managing alerts. The Order property (JavaScript: order) specifies that the new role be displayed fourth in order among custom role definitions listed on the Permissions Levels page of the site collection.

using System;
using Microsoft.SharePoint.Client;

namespace Microsoft.SDK.SharePointServices.Samples
{
    class CreateRoleDefinition
    {
        static void Main()
        {
            ClientContext oClientContext = new ClientContext("http://MyServer/sites/MySiteCollection");

            Web oWebsite = clientContext.Web;

            BasePermissions permissions = new BasePermissions();
            permissions.Set(PermissionKind.CreateAlerts);
            permissions.Set(PermissionKind.ManageAlerts);

            RoleDefinitionCreationInformation roleCreationInfo = new RoleDefinitionCreationInformation();

            roleCreationInfo.BasePermissions = permissions;
            roleCreationInfo.Description = "A new role with create and manage alerts permission";
            roleCreationInfo.Name = "Create and Manage Alerts";
            roleCreationInfo.Order = 4;

            RoleDefinition oRoleDefinition = oWebsite.RoleDefinitions.Add(roleCreationInfo);

            clientContext.ExecuteQuery();

            Console.WriteLine("{0} role created.", oRoleDefinition.Name);
        }
    }
}

To assign a user to a particular role on a Web site, you create a RoleDefinitionBindingCollection object for the Web site context, add a role definition to the binding collection object, and then use the Add(Principal, RoleDefinitionBindingCollection) method to add the user together with the binding collection to the role assignments for the Web site. The following example assigns an existing site collection user to the role defined in the previous example.

using System;
using Microsoft.SharePoint.Client;

namespace Microsoft.SDK.SharePointServices.Samples
{
    class AddUserToRole
    {
        static void Main()
        {
            ClientContext oClientContext = new ClientContext("http://MyServer/sites/MySiteCollection/MyWebSite");
            Web oWebsite = clientContext.Web;

            Principal oUser = oWebsite.SiteUsers.GetByLoginName(@"DOMAIN\alias");

            RoleDefinition oRoleDefinition = oWebsite.RoleDefinitions.GetByName("Create and Manage Alerts");
            RoleDefinitionBindingCollection collRoleDefinitionBinding = new RoleDefinitionBindingCollection(clientContext);
            collRoleDefinitionBinding.Add(oRoleDefinition);

            RoleAssignment oRoleAssignment = oWebsite.RoleAssignments.Add(oUser, collRoleDefinitionBinding);

            clientContext.Load(oUser,
                user => user.Title);

            clientContext.Load(oRoleDefinition,
                role => role.Name);

            clientContext.ExecuteQuery();

            Console.WriteLine("{0} added with {1} role.", oUser.Title, oRoleDefinition.Name);
        }
    }
}

In the same way that you create most other objects through the client object model, use the GroupCreationInformation class to define a new group, and then use the Add(GroupCreationInformation) method to add the group to the collection of site groups in a site collection. And just as you assign users to a role, you assign a group to a particular role on a Web site by creating a RoleDefinitionBindingCollection object for the Web site context, adding a role definition to the binding collection object, and then using the Add(Principal, RoleDefinitionBindingCollection) method to add the group together with the binding collection to the role assignments for the Web site. The following example creates a group and assigns it the Contribute role on the Web site.

using System;
using Microsoft.SharePoint.Client;

namespace Microsoft.SDK.SharePointServices.Samples
{
    class CreateGroupAddToRole
    {
        static void Main()
        {
            ClientContext oClientContext = new ClientContext("http://MyServer/sites/MySiteCollection/MyWebSite");
            Web oWebsite = clientContext.Web;

            GroupCreationInformation groupCreationInfo = new GroupCreationInformation();
            groupCreationInfo.Title = "My New Group";
            groupCreationInfo.Description = "Description of new group.";
            Group oGroup = oWebsite.SiteGroups.Add(groupCreationInfo);

            RoleDefinitionBindingCollection collRoleDefinitionBinding = new RoleDefinitionBindingCollection(clientContext);

            RoleDefinition oRoleDefinition = oWebsite.RoleDefinitions.GetByType(RoleType.Contributor);

            collRoleDefinitionBinding.Add(oRoleDefinition);

            oWebsite.RoleAssignments.Add(oGroup, collRoleDefinitionBinding);

            clientContext.Load(oGroup,
                group => group.Title);

            clientContext.Load(oRoleDefinition,
                role => role.Name);

            clientContext.ExecuteQuery();

            Console.WriteLine("{0} created and assigned {1} role.", oGroup.Title, oRoleDefinition.Name);        }
    }
}

For information and examples about how to work with client objects within the context of the Microsoft SharePoint Foundation 2010 Silverlight object model, see Using the Silverlight Object Model.

Show:
© 2014 Microsoft