Grant Permission to Folders in SharePoint Document Library using PowerShell
Requirement: grant folder permission in SharePoint using PowerShell script.
Here is my script to grant access to a folder in SharePoint Library using PowerShell:
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
function Set-FolderPermissions($webUrl, $FolderURL, $UserAccount, $PermissionLevel)
{
#Get Web
$web = Get-SPWeb $webUrl
#Get the User
$user = $web.EnsureUser($UserAccount)
#Get the Permission Level
$RoleDefinition = $web.RoleDefinitions[$PermissionLevel]
#Get the Folder
$Folder = $web.GetFolder($FolderURL).Item
if ($Folder -ne $null)
{
#Check if Item has Unique Permissions. If not, Break the inheritance
if($folder.HasUniqueRoleAssignments -eq $false)
{
$folder.BreakRoleInheritance($true)
}
#Grant Permissions
$RoleAssignment = New-Object Microsoft.SharePoint.SPRoleAssignment($user)
$RoleAssignment.RoleDefinitionBindings.Add($RoleDefinition)
$Folder.RoleAssignments.Add($RoleAssignment)
$Folder.SystemUpdate();
Write-Host "Successfully added $($user) to folder $($Folder.Name)" -foregroundcolor Green
}
}
#Variables
$WebURL="https://intranet.crescent.com/"
$FolderURL="https://intranet.crescent.com/Sales/Documents/Proposals"
$UserAccount="i:0#.w|Crescent\salaudeen"
$PermissionLevel="Read"
#Call the function to Grant permission to a folder
Set-FolderPermissions $WebURL $FolderURL $UserAccount $PermissionLevel
Set Permission to SharePoint Group to All Folders in a Library:
Certain folders in a SharePoint library is with unique permission. The requirement is to add permission to a SharePoint group to all folders with unique permissions.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
### Variables ###
#Site URL and List names
$SiteURL = "https://intranet.crescent.com/support"
$ListName = "Documents"
#Get site and List objects
$web = Get-SPWeb $SiteURL
$List = $web.Lists.TryGetList($ListName)
$GroupName = "Support Visitors"
$PermissionLevel = "Read"
if ($list -ne $null)
{
$Foldercoll=$List.Folders | Sort-Object Name
#Loop through each Item in the List
foreach($folder in $Foldercoll)
{
#Check if Item has Unique Permissions.
if($folder.HasUniqueRoleAssignments -eq $true)
{
#Grant Access
if ($web.SiteGroups[$GroupName] -ne $null)
{
#Get the Group from GroupName Parameter
$group = $web.SiteGroups[$GroupName]
$roleAssignment = new-object Microsoft.SharePoint.SPRoleAssignment($group)
#Get Permission Level, such as "Read", "Contribute", etc
$roleDefinition = $web.RoleDefinitions[$PermissionLevel]
$roleAssignment.RoleDefinitionBindings.Add($roleDefinition);
#Grant Access to specified Group
$folder.RoleAssignments.Add($roleAssignment)
#To Remove Access: Call $item.RoleAssignments.Remove($group) . No Need for objects: roleAssignment, roleDefinition
$folder.SystemUpdate();
Write-Host "Successfully added $($PermissionLevel) to $GroupName group in $($Folder.Name)" -foregroundcolor Green
}
}
}
}