Export (0) Print
Expand All

SPRoleDefinitionCollection class

Represents a collection of SPRoleDefinition objects defining the role definitions that are available for use within the Web site.

Namespace:  Microsoft.SharePoint
Assembly:  Microsoft.SharePoint (in Microsoft.SharePoint.dll)

public sealed class SPRoleDefinitionCollection : SPBaseCollection

Role definitions can be inherited from the parent SPWeb object or defined locally. In order to have unique role definitions you must have unique permissions (role assignments), but unique permissions can have either unique or inherited role definitions.

Use the RoleDefinitions property of the SPWeb class to get the collection of role definitions for a Web site. To create a role definition, use a constructor of the SPRoleDefinition class to instantiate the object, set properties on the object, and then call the Add() method to add the new role definition to the collection.

Use an indexer to return a single item from the collection. For example, if the collection is assigned to a variable named collRoleDefinitions, use collRoleDefinitions[index] in C#, or collRoleDefinitions(index) in Visual Basic, where index is either the index number of the item in the collection or a string that contains the name of the role definition.

There is not a method to retrieve user role assignments on a SharePoint Foundation list object. However, the code below allows you to retrieve this list.


private void AddListRoleAssignmentNodes(SPList objList)
{ 
   try
   {
      if (objList.HasUniqueRoleAssignments)
      {
         SPRoleAssignmentCollection oRoleAssignments =
            objList.RoleAssignments;

         foreach (SPRoleAssignment oRoleAssignment in oRoleAssignments)
         {
            SPPrincipal oPrincipal = oRoleAssignment.Member;
            try
            {
               // Retrieve users having explicit permissions on the list
               SPUser oRoleUser = (SPUser)oPrincipal;
            }
            catch (Exception ex)
            {
               string msg = ex.Message;
            }
            try
            {
               // Retrieve user groups having permissions on the list
               SPGroup oRoleGroup = (SPGroup)oPrincipal;

               if (oRoleGroup.Users.Count > 0)
               { 
                  string strGroupName = oRoleGroup.Name;
                  // Add code here to retrieve Users inside this User-Group
               }
            }
            catch (Exception ex)
            {
               string msg = ex.Message;
            }
         }
      }
   }
   catch (Exception ex)
   {
      string msg = ex.Message;
   }
}

Private Sub AddListRoleAssignmentNodes(ByVal objList As SPList)
   Try
     If objList.HasUniqueRoleAssignments Then
       Dim oRoleAssignments As SPRoleAssignmentCollection = objList.RoleAssignments

       For Each oRoleAssignment As SPRoleAssignment In oRoleAssignments
         Dim oPrincipal As SPPrincipal = oRoleAssignment.Member
         Try
            ' Retrieve users having explicit permissions on the list
            Dim oRoleUser As SPUser = CType(oPrincipal, SPUser)
         Catch ex As Exception
            Dim msg As String = ex.Message
         End Try
         Try
            ' Retrieve user groups having permissions on the list
            Dim oRoleGroup As SPGroup = CType(oPrincipal, SPGroup)

            If oRoleGroup.Users.Count > 0 Then
              Dim strGroupName As String = oRoleGroup.Name
              ' Add code here to retrieve Users inside this User-Group
            End If
         Catch ex As Exception
            Dim msg As String = ex.Message
         End Try
       Next oRoleAssignment
     End If
   Catch ex As Exception
     Dim msg As String = ex.Message
   End Try
End Sub

After breaking role definition inheritance, the following code example creates a role definition that includes all rights except ManagePermissions; it also sets property values and adds the new role definition to the collection of role definitions for a site.

string strRoleName = "Custom Role Definition";
using (SPSite oSiteCollection = new SPSite("http://Server_Name/Subsite1"))
{
    using (SPWeb oWebsite = oSiteCollection.OpenWeb())
    {

        if (!oWebsite.HasUniqueRoleDefinitions)
        {
            oWebsite.RoleDefinitions.BreakInheritance(true, true);
        }

        SPRoleDefinition oRoleDefinition = new SPRoleDefinition();
        oRoleDefinition.Name = strRoleName;
        oRoleDefinition.Description = "A role definition with all rights except ManagePermissions";
        oRoleDefinition.BasePermissions = SPBasePermissions.FullMask ^ SPBasePermissions.ManagePermissions;
        oWebsite.RoleDefinitions.Add(oRoleDefinition);
    }
}
NoteNote

Certain objects implement the IDisposable interface, and you must avoid retaining these objects in memory after they are no longer needed. For information about good coding practices, see Disposing Objects.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft