Home > OS >  PnP Script to get root folders of a SharePoint online document library and set unique permissions
PnP Script to get root folders of a SharePoint online document library and set unique permissions

Time:08-31

We have the following:-

  1. online document library which contains around 1000 root folders,

We want to run a Power Shell script which runs on the 1000 root folders ONLY (without the sub-folders) >> then set unique permissions on the roots folders >> get the current permissions Groups Users >> grant them Read-Only.

Can anyone advice on such a Script ? Thanks

I have the following:-

#Parameters
$SiteURL="https://******.sharepoint.com/"
$FolderSiteRelativeURL = "/Shared Documents/"
 
#Connect to the Site collection
Connect-PnPOnline -URL $SiteURL -UseWebLogin
 
#Get the Folder from site relative URL
$Folder = Get-PnPFolder -Url $FolderSiteRelativeURL
 
#Get all Subfolders of a folder - recursively
$SubFolders = Get-PnPFolderItem -FolderSiteRelativeUrl $FolderSiteRelativeURL -ItemType Folder -Recursive

ForEach($SubFolder in $SubFolders)
    {
If($SubFolder.ListItemAllFields.HasUniqueRoleAssignments)
{
    Write-host "Folder is already with broken permissions!" -f Yellow
}
Else
{
    #Break Folder permissions - keep all existing permissions & keep Item level permissions
    $SubFolder.ListItemAllFields.BreakRoleInheritance($True,$True)
    Invoke-PnPQuery
 
    Write-host "Folder's Permission Inheritance is broken!!" -f Green
        /// Need the code which goes here......................   
}
    }

To get all the root folders, but how i can get the list of permissions assigned to the folder, and set its permission level to Read instead of Edit, Contribute or full access?

Thanks

EDIT

I tried this code:-

#Parameters
$SiteURL="https://***.sharepoint.com/"
$FolderSiteRelativeURL = "Shared Documents"
 
#Connect to the Site collection
Connect-PnPOnline -URL $SiteURL -UseWebLogin
 
#Get the Folder from site relative URL
$Folder = Get-PnPFolder -Url $FolderSiteRelativeURL
 
#Get all Subfolders of a folder - recursively
$SubFolders = Get-PnPFolderItem -FolderSiteRelativeUrl $FolderSiteRelativeURL -ItemType Folder -Recursive

ForEach($SubFolder in $SubFolders)
    {
If($SubFolder.ListItemAllFields.HasUniqueRoleAssignments)
{
    Write-host "Folder is already with broken permissions!" -f Yellow
}
Else
{
Write-host "Else is running" -f Yellow
    #Break Folder permissions - keep all existing permissions & keep Item level permissions
    $SubFolder.ListItemAllFields.BreakRoleInheritance($True,$True)
    $RoleAssignments = $SubFolder.ListItemAllFields.RoleAssignments
    ForEach($RoleAssignment in $RoleAssignments)
        {
            //extra code should goes here..
        }
 
    Write-host "Folder's Permission Inheritance is broken!!" -f Green   
}
    }

but i got this error:-

The collection has not been initialized. It has not been requested or the request has not been executed. It may need to be explicitly requested. At line:13 char:9

  • ForEach($RoleAssignment in $RoleAssignments)
  •     ~~~~~~~~~~~~~~~
    
    • CategoryInfo : OperationStopped: (:) [], CollectionNotInitializedException
    • FullyQualifiedErrorId : Microsoft.SharePoint.Client.CollectionNotInitializedException

CodePudding user response:

Please refer to the following articles, first get all root folders from the library, and then cycle inside to change the user's permissions.

#Grant folder permissions to SharePoint Group
 Set-PnPfolderPermission -List $ListName -identity $FolderServerRelativeURL -AddRole "Read" -Group "<group name>"

Reference: Set Folder Permissions using PowerShell; PowerShell to Get Folder Permissions

  • Related