SPRoleDefinitionCollection class
Represents a collection of SPRoleDefinition objects defining the role definitions that are available for use within the Web site.
Microsoft.SharePoint.Administration.SPAutoSerializingObject
Microsoft.SharePoint.SPBaseCollection
Microsoft.SharePoint.SPRoleDefinitionCollection
Namespace: Microsoft.SharePoint
Assembly: Microsoft.SharePoint (in Microsoft.SharePoint.dll)
Role definitions can be inherited from the parent SPWeb object or defined locally. In order to have unique role definitions you must have unique permissions (role assignments), but unique permissions can have either unique or inherited role definitions.
Use the RoleDefinitions property of the SPWeb class to get the collection of role definitions for a Web site. To create a role definition, use a constructor of the SPRoleDefinition class to instantiate the object, set properties on the object, and then call the Add() method to add the new role definition to the collection.
Use an indexer to return a single item from the collection. For example, if the collection is assigned to a variable named collRoleDefinitions, use collRoleDefinitions[index] in C#, or collRoleDefinitions(index) in Visual Basic, where index is either the index number of the item in the collection or a string that contains the name of the role definition.
There is not a method to retrieve user role assignments on a SharePoint Foundation list object. However, the code below allows you to retrieve this list.
private void AddListRoleAssignmentNodes(SPList objList)
{
try
{
if (objList.HasUniqueRoleAssignments)
{
SPRoleAssignmentCollection oRoleAssignments =
objList.RoleAssignments;
foreach (SPRoleAssignment oRoleAssignment in oRoleAssignments)
{
SPPrincipal oPrincipal = oRoleAssignment.Member;
try
{
// Retrieve users having explicit permissions on the list
SPUser oRoleUser = (SPUser)oPrincipal;
}
catch (Exception ex)
{
string msg = ex.Message;
}
try
{
// Retrieve user groups having permissions on the list
SPGroup oRoleGroup = (SPGroup)oPrincipal;
if (oRoleGroup.Users.Count > 0)
{
string strGroupName = oRoleGroup.Name;
// Add code here to retrieve Users inside this User-Group
}
}
catch (Exception ex)
{
string msg = ex.Message;
}
}
}
}
catch (Exception ex)
{
string msg = ex.Message;
}
}
Private Sub AddListRoleAssignmentNodes(ByVal objList As SPList) Try If objList.HasUniqueRoleAssignments Then Dim oRoleAssignments As SPRoleAssignmentCollection = objList.RoleAssignments For Each oRoleAssignment As SPRoleAssignment In oRoleAssignments Dim oPrincipal As SPPrincipal = oRoleAssignment.Member Try ' Retrieve users having explicit permissions on the list Dim oRoleUser As SPUser = CType(oPrincipal, SPUser) Catch ex As Exception Dim msg As String = ex.Message End Try Try ' Retrieve user groups having permissions on the list Dim oRoleGroup As SPGroup = CType(oPrincipal, SPGroup) If oRoleGroup.Users.Count > 0 Then Dim strGroupName As String = oRoleGroup.Name ' Add code here to retrieve Users inside this User-Group End If Catch ex As Exception Dim msg As String = ex.Message End Try Next oRoleAssignment End If Catch ex As Exception Dim msg As String = ex.Message End Try End Sub
After breaking role definition inheritance, the following code example creates a role definition that includes all rights except ManagePermissions; it also sets property values and adds the new role definition to the collection of role definitions for a site.
 Note |
|---|
Certain objects implement the IDisposable interface, and you must avoid retaining these objects in memory after they are no longer needed. For information about good coding practices, see Disposing Objects. |