SharePoint Online: How to Make a List Read-Only?
Requirement: Make a SharePoint Online list to read only.
How to make a list read only in SharePoint Online?
Well, there is no direct way to set a SharePoint Online list to read-only. However, we can follow this workaround to make a list to read-only mode.
- Navigate to your SharePoint Online List >> Click on Settings gear and choose "List Settings"
- Click on "Permissions for this list" link under "Permissions and Management" group of the list settings page.
- Click on "Stop Inheriting Permissions" button in the ribbon and confirm the prompt, if the list is not with broken permissions already.
- Select users and groups that has permissions other than read. E.g. Full Control, Edit, contribute, Etc. and click on "Edit User Permissions" button in the ribbon.
- In the Edit Permissions page, Select "Read" permissions and Click on "OK" to reset everyone's permission to "Read".
PowerShell to make a list read only in SharePoint Online
Lets automate above steps to make a SharePoint Online list or library to read only.
#Parameter $SiteURL = "https://Crescent.sharepoint.com/sites/PMO" $ListName= "Projects" #Connect to PnP Online Connect-PnPOnline -Url $SiteURL -UseWebLogin #Get the Web and List $Web = Get-PnPWeb $List = Get-PnPList -Identity $ListName -Includes HasUniqueRoleAssignments, RoleAssignments #Break Permissions of the List If ($List.HasUniqueRoleAssignments -eq $False) { Set-PnPList -Identity $ListName -BreakRoleInheritance -CopyRoleAssignments } #Get Read Permission Level $ReadPermission = Get-PnPRoleDefinition -Identity "Read" #Grant "Read" permissions, if its not granted already $List.RoleAssignments | ForEach-Object { #Get the user or group of the assignment - Handle error for orphans $Member = Get-PnPProperty -ClientObject $_ -Property Member -ErrorAction SilentlyContinue If($Member.IsHiddenInUI -eq $False) { Get-PnPProperty -ClientObject $_ -Property RoleDefinitionBindings | Out-Null #Check if the current assignment has any permission other than Read or related $PermissionsToReplace = $_.RoleDefinitionBindings | Where {$_.Hidden -eq $False -And $_.Name -Notin ("Read", "Restricted Read", "Restricted Interfaces for Translation")} #Grant "Read" permissions, if its not granted already If($PermissionsToReplace -ne $Null) { $_.RoleDefinitionBindings.Add($ReadPermission) $_.Update() Invoke-PnPQuery Write-host "Added 'Read' Permissions to '$($Member.Title)'" -ForegroundColor Cyan } } } #Reload List permissions $List = Get-PnPList -Identity $ListName -Includes RoleAssignments #Remove All permissions other than Read or Similar $List.RoleAssignments | ForEach-Object { #Get the user or group of the assignment - Handle error for orphans $Member = Get-PnPProperty -ClientObject $_ -Property Member #-ErrorAction SilentlyContinue | Out-Null If($Member.IsHiddenInUI -eq $False) { Get-PnPProperty -ClientObject $_ -Property RoleDefinitionBindings | Out-Null $PermissionsToRemove = $_.RoleDefinitionBindings | Where {$_.Hidden -eq $False -And $_.Name -Notin ("Read", "Restricted Read", "Restricted Interfaces for Translation")} If($PermissionsToRemove -ne $null) { ForEach($RoleDefBinding in $PermissionsToRemove) { $_.RoleDefinitionBindings.Remove($RoleDefBinding) Write-host "Removed '$($RoleDefBinding.Name)' Permissions from '$($Member.Title)'" -ForegroundColor Yellow } $_.Update() Invoke-PnPQuery } } } Write-host "List is set to Read-Only Successfully!" -f GreenThis PowerShell script resets all permissions with "Read". Please note, These methods doesn't control Site Collection Administrators!
Hi
ReplyDeleteis there a script to find out all list and libraries in tenant which are using infopath form and save output to a csv file?
Thanks
I was facing this issue of making a SharePoint Online list to read only. Gone through many articles, but this post has good information and showed each step in detailed. Thanks for sharing!
ReplyDeleteHi, This is very helpful, thank you so much for the great work. Is there a script that runs through all the libraries in a site collection and set Read access. I have site collections with 10+ libraries and I was hoping a script that runs and set Read access in each library instead of running this for reach library. thanks a lot!
ReplyDeleteYou can wrap the script that sets permissions, inside a function and re-use it for multiple libraries!
DeleteThank you, Salaudeen! I'm new to PowerShell scripts but I will try it.
ReplyDelete