Post
Ask Question

Adding SharePoint Group to the Site Programmatically

Hello,

We had a requirement like when one of the sub site gets created, permission inheritance should be broken and new group with specific permission level should be added.

Here I will discuss the steps to break the inheritance and adding custom SharePoint group with custom permission level. We write one feature and included in our custom site definition for the given sub site. We did our code in FeatureActivated event.

1. Allow unsafe update on the web, this can be done as follows:

  1. //get a reference to the web  
  2. SPWeb web = properties.Feature.Parent as SPWeb;  
  3.   
  4. //get a current value of AllowUnsafeUpdates property  
  5. bool allowunsafeupdate = web.AllowUnsafeUpdates;  
  6.   
  7. //Allow the unsafe updates  
  8. web.AllowUnsafeUpdates = true

2. Break the inheritance permission, this can be done by calling BreakRoleInheritance() method as follows:

  1. //break the inheritance permission and not copying the role assignment from parent  
  2. web.BreakRoleInheritance(false); 

Reference: SPWeb.BreakRoleInheritance method.

The false argument indicates not to copy the roles assignment from parent object.

Now to add the group to current web, there is a property AssociatedGroups which returns list of SPGroup instance and then using Add() method we can add the group. This Add() method requires instance of SPGroup.

So to get the instance of SPGroup which we need to add, we need to go through the each group for root web(or parent web) and compare with which we need to add like as follows:

  1. //My custom group name  
  2. string myCustomGroupName = “MyCustomGroupName”;  
  3.   
  4. //Getting all associated groups from root web  
  5. IList<SPGroup> associatedGroups = web.Site.RootWeb.AssociatedGroups;  
  6.   
  7. //My custom group declaration  
  8. SPGroup myCustomGroup = null;  
  9.   
  10. //Looping through all the groups to get my custom group instance  
  11. foreach(SPGroup group in associatedGroups){  
  12.   
  13.   
  14. //Comparing mycustom group name with current group name  
  15. if(group.Name.Equals(myCustomGroupName, StringComparison.InvariantCultureIgnoreCase)){  
  16. myCustomGroup = group;  
  17. break;  
  18.    }//if-end      
  19. }//foreach - end  
  20.   
  21. if(myCustomGroup!= null){  
  22.     //Adding my custom group to the group collection of web  
  23. web.AssociatedGroups.Add(myCustomGroup);  

Now to assign the custom permission level to my custom group.

  1. //Getting my custom role(custom permission level created)  
  2. SPRoleDefinition customPermissionRole = web.RoleDefinitions["CustomPermission", web.Site.RootWeb)];  
  3.   
  4. //Creating role assignment object for my group  
  5. SPRoleAssignment customRoleAssignment = new SPRoleAssignment(myCustomGroup);  
  6.   
  7. //Adding custom permission level to the roledefinitions bindings  
  8. customRoleAssignment.RoleDefinitionBindings.Add(customPermissionRole);  
  9.   
  10. web.RoleAssignments.Add(customRoleAssignment); 

3. Update the web and reset the AllowUnsafeUpdates property.

  1. web.Update();  
  2. web.AllowUnsafeUpdates = allowunsafeupdate; 

Any comments / suggestions are welcome.

Hope this will help you! Enjoy reading!

Thanks!