We have the following:-
- online document library which contains around 1000 root folders,
We want to run a Power Shell script which runs on the 1000 root folders ONLY (without the sub-folders) >> then set unique permissions on the roots folders >> get the current permissions Groups Users >> grant them Read-Only.
Can anyone advice on such a Script ? Thanks
I have the following:-
#Parameters
$SiteURL="https://******.sharepoint.com/"
$FolderSiteRelativeURL = "/Shared Documents/"
#Connect to the Site collection
Connect-PnPOnline -URL $SiteURL -UseWebLogin
#Get the Folder from site relative URL
$Folder = Get-PnPFolder -Url $FolderSiteRelativeURL
#Get all Subfolders of a folder - recursively
$SubFolders = Get-PnPFolderItem -FolderSiteRelativeUrl $FolderSiteRelativeURL -ItemType Folder -Recursive
ForEach($SubFolder in $SubFolders)
{
If($SubFolder.ListItemAllFields.HasUniqueRoleAssignments)
{
Write-host "Folder is already with broken permissions!" -f Yellow
}
Else
{
#Break Folder permissions - keep all existing permissions & keep Item level permissions
$SubFolder.ListItemAllFields.BreakRoleInheritance($True,$True)
Invoke-PnPQuery
Write-host "Folder's Permission Inheritance is broken!!" -f Green
/// Need the code which goes here......................
}
}
To get all the root folders, but how i can get the list of permissions assigned to the folder, and set its permission level to Read instead of Edit, Contribute or full access?
Thanks
EDIT
I tried this code:-
#Parameters
$SiteURL="https://***.sharepoint.com/"
$FolderSiteRelativeURL = "Shared Documents"
#Connect to the Site collection
Connect-PnPOnline -URL $SiteURL -UseWebLogin
#Get the Folder from site relative URL
$Folder = Get-PnPFolder -Url $FolderSiteRelativeURL
#Get all Subfolders of a folder - recursively
$SubFolders = Get-PnPFolderItem -FolderSiteRelativeUrl $FolderSiteRelativeURL -ItemType Folder -Recursive
ForEach($SubFolder in $SubFolders)
{
If($SubFolder.ListItemAllFields.HasUniqueRoleAssignments)
{
Write-host "Folder is already with broken permissions!" -f Yellow
}
Else
{
Write-host "Else is running" -f Yellow
#Break Folder permissions - keep all existing permissions & keep Item level permissions
$SubFolder.ListItemAllFields.BreakRoleInheritance($True,$True)
$RoleAssignments = $SubFolder.ListItemAllFields.RoleAssignments
ForEach($RoleAssignment in $RoleAssignments)
{
//extra code should goes here..
}
Write-host "Folder's Permission Inheritance is broken!!" -f Green
}
}
but i got this error:-
The collection has not been initialized. It has not been requested or the request has not been executed. It may need to be explicitly requested. At line:13 char:9
- ForEach($RoleAssignment in $RoleAssignments)
~~~~~~~~~~~~~~~
- CategoryInfo : OperationStopped: (:) [], CollectionNotInitializedException
- FullyQualifiedErrorId : Microsoft.SharePoint.Client.CollectionNotInitializedException
CodePudding user response:
Please refer to the following articles, first get all root folders from the library, and then cycle inside to change the user's permissions.
#Grant folder permissions to SharePoint Group
Set-PnPfolderPermission -List $ListName -identity $FolderServerRelativeURL -AddRole "Read" -Group "<group name>"
Reference: Set Folder Permissions using PowerShell; PowerShell to Get Folder Permissions