SharePoint Online: Grant Permission to All Files in a Folder using PowerShell
Requirement: Grant Permission to All Files in a Folder in SharePoint Online.
PowerShell to Set Permission to each File in a Folder
Managing the permissions of large numbers of files in SharePoint can be a time-consuming and complex task, especially when it comes to granting or revoking access to multiple files at once. Fortunately, administrators can use PowerShell scripts to automate the process and simplify the task of granting permissions to a folder of files. In this tutorial, we will show you how to grant permissions to all files in a folder in SharePoint Online using PowerShell.
Do you have a folder (or document library) with a bunch of files, and each file has unique permissions, and you want to grant permission to all files at once? Sure, Here is the PowerShell script to do that:
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
Function Grant-ListItemPermission
{
param
(
[Parameter(Mandatory=$true)] [string]$ItemID
)
Try {
#Get the List and Item
$List = $Ctx.Web.Lists.GetByTitle($ListName)
$ListItem=$List.GetItemByID($ItemID)
$Ctx.Load($List)
$Ctx.Load($ListItem)
$Ctx.ExecuteQuery()
#Check if Item has unique permission already
$ListItem.Retrieve("HasUniqueRoleAssignments")
$Ctx.ExecuteQuery()
#Break Item's permission Inheritance, if its inheriting permissions from the parent
if (-not $ListItem.HasUniqueRoleAssignments)
{
$ListItem.BreakRoleInheritance($True, $false) #keep the existing permissions: Yes - Clear listitems permissions: No
$ctx.ExecuteQuery()
}
#Get the User
$User = $Ctx.Web.EnsureUser($UserID)
$Ctx.load($User)
$Ctx.ExecuteQuery()
#Get the role
$Role = $Ctx.web.RoleDefinitions.GetByName($PermissionLevel)
$RoleDB = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($Ctx)
$RoleDB.Add($Role)
#Assign permissions
$UserPermissions = $ListItem.RoleAssignments.Add($User,$RoleDB)
$ListItem.Update()
$Ctx.ExecuteQuery()
Write-host -f Green "Permission granted to List Item successfully!"
}
Catch {
Write-host -f Red "Error granting permission to List Item!" $_.Exception.Message
}
}
Function Get-AllFilesFromFolder
{
param
(
[Parameter(Mandatory=$true)] [string]$FolderRelativeURL
)
Try {
#Get the Folder and Files
$Folder=$Ctx.Web.GetFolderByServerRelativeUrl($FolderRelativeURL)
$Ctx.Load($Folder)
$Ctx.Load($Folder.Folders)
$Ctx.Load($Folder.Files)
$Ctx.ExecuteQuery()
#Iterate through each File in the folder
Foreach($File in $Folder.Files)
{
#Get Name for each File
Write-Host ("Granting '{0}' Permission to User {1} on {2} at {3}" -f $PermissionLevel, $UserID, $File.Name, $File.ServerRelativeUrl)
#Get the Properties of the File
$Ctx.Load($File.ListItemAllFields)
$Ctx.ExecuteQuery()
#Call the function to grant permission to file
Grant-ListItemPermission -ItemID $File.ListItemAllFields.Id
}
#Recursively process sub-folders
ForEach($SubFolder in $Folder.Folders | Where{($_.Name -ne "Forms") -and (-Not($_.Name.StartsWith("_")))})
{
Get-AllFilesFromFolder $SubFolder.ServerRelativeUrl
}
}
Catch {
write-host -f Red "Error Getting Files from Folder!" $_.Exception.Message
}
}
#Set parameter values
$SiteURL="https://crescent.sharepoint.com/Sites/Marketing"
$ListName = "Documents"
$FolderRelativeURL = "/Sites/Marketing/Shared Documents"
$UserID="salaudeen@crescent.com"
$PermissionLevel="Edit"
#Get Credentials to connect
$Cred= Get-Credential
$Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)
#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = $Credentials
#Call the function to process all files in a folder
Get-AllFilesFromFolder -FolderRelativeURL $FolderRelativeURL
PnP PowerShell to Grant Permission to All Files in a Folder in SharePoint Online:
This time, let’s grant access to all files from a folder in the SharePoint Online library with the help of the PnP PowerShell cmdlet Set-PnPListItemPermission. Here is how to give unique permission to a folder in SharePoint Online:
#Set Variables
$SiteURL = "https://crescent.sharepoint.com/sites/Marketing"
$ListName="Documents"
$ParentFolderURL = "/Shared Documents/2018" #Site Relative Path of the document Library
$UserAccount = "Salaudeen@crescent.com"
$Role = "Edit"
#Connect to PnP Online
Connect-PnPOnline -Url $SiteURL -Credentials (Get-Credential)
#Get all Files from the Folder
$AllFiles = Get-PnPFolderItem -ItemType File -FolderSiteRelativeUrl $ParentFolderURL
#Iterate through each File in the Folder
ForEach($File in $AllFiles)
{
#Grant permissions to the File
Set-PnPListItemPermission -List $ListName -Identity $File.ListItemAllFields -User $UserAccount -AddRole $Role
Write-host ("Granted Permission to '{0}' at {1} " -f $File.Name,$File.ServerRelativeUrl)
}
You can also use the cmdlet Set-PnPFolderPermission to set permission on a folder. To get all files recursively from the folder, simply use the “-Recursive” switch to the Get-PnPFolderItem cmdlet.
Conclusion
By using PowerShell scripts, administrators can automate the process of granting permissions to files in SharePoint Online, making it quick and easy to manage large numbers of files. Granting permissions to all files in a folder can be done in a matter of minutes, saving administrators time and reducing the risk of manual errors. In conclusion, using PowerShell to grant permissions to all files in a folder in SharePoint Online is an efficient and effective way to manage user access. Whether you are dealing with a small number of files or a large folder with hundreds of files, this process can be automated to make bulk changes quickly and easily.
Thank you so much, you have PowerShell solution to every other issues in SP!