SharePoint Online: How to Make a List Read-Only?
Requirement: Make a SharePoint Online list to read only.
How to make a list read only in SharePoint Online?
Well, there is no direct way to set a SharePoint Online list to read-only. However, we can follow this workaround to make a list to read-only mode.
- Navigate to your SharePoint Online List >> Click on Settings gear and choose "List Settings"
- Click on "Permissions for this list" link under "Permissions and Management" group of the list settings page.
- Click on "Stop Inheriting Permissions" button in the ribbon and confirm the prompt, if the list is not with broken permissions already.
- Select users and groups that has permissions other than read. E.g. Full Control, Edit, contribute, Etc. and click on "Edit User Permissions" button in the ribbon.
- In the Edit Permissions page, Select "Read" permissions and Click on "OK" to reset everyone's permission to "Read".
PowerShell to make a list read only in SharePoint Online
Lets automate above steps to make a SharePoint Online list or library to read only.
#Parameter
$SiteURL = "https://Crescent.sharepoint.com/sites/PMO"
$ListName= "Projects"
#Connect to PnP Online
Connect-PnPOnline -Url $SiteURL -UseWebLogin
#Get the Web and List
$Web = Get-PnPWeb
$List = Get-PnPList -Identity $ListName -Includes HasUniqueRoleAssignments, RoleAssignments
#Break Permissions of the List
If ($List.HasUniqueRoleAssignments -eq $False)
{
Set-PnPList -Identity $ListName -BreakRoleInheritance -CopyRoleAssignments
}
#Get Read Permission Level
$ReadPermission = Get-PnPRoleDefinition -Identity "Read"
#Grant "Read" permissions, if its not granted already
$List.RoleAssignments | ForEach-Object {
#Get the user or group of the assignment - Handle error for orphans
$Member = Get-PnPProperty -ClientObject $_ -Property Member -ErrorAction SilentlyContinue
If($Member.IsHiddenInUI -eq $False)
{
Get-PnPProperty -ClientObject $_ -Property RoleDefinitionBindings | Out-Null
#Check if the current assignment has any permission other than Read or related
$PermissionsToReplace = $_.RoleDefinitionBindings | Where {$_.Hidden -eq $False -And $_.Name -Notin ("Read", "Restricted Read", "Restricted Interfaces for Translation")}
#Grant "Read" permissions, if its not granted already
If($PermissionsToReplace -ne $Null)
{
$_.RoleDefinitionBindings.Add($ReadPermission)
$_.Update()
Invoke-PnPQuery
Write-host "Added 'Read' Permissions to '$($Member.Title)'" -ForegroundColor Cyan
}
}
}
#Reload List permissions
$List = Get-PnPList -Identity $ListName -Includes RoleAssignments
#Remove All permissions other than Read or Similar
$List.RoleAssignments | ForEach-Object {
#Get the user or group of the assignment - Handle error for orphans
$Member = Get-PnPProperty -ClientObject $_ -Property Member #-ErrorAction SilentlyContinue | Out-Null
If($Member.IsHiddenInUI -eq $False)
{
Get-PnPProperty -ClientObject $_ -Property RoleDefinitionBindings | Out-Null
$PermissionsToRemove = $_.RoleDefinitionBindings | Where {$_.Hidden -eq $False -And $_.Name -Notin ("Read", "Restricted Read", "Restricted Interfaces for Translation")}
If($PermissionsToRemove -ne $null)
{
ForEach($RoleDefBinding in $PermissionsToRemove)
{
$_.RoleDefinitionBindings.Remove($RoleDefBinding)
Write-host "Removed '$($RoleDefBinding.Name)' Permissions from '$($Member.Title)'" -ForegroundColor Yellow
}
$_.Update()
Invoke-PnPQuery
}
}
}
Write-host "List is set to Read-Only Successfully!" -f Green
This PowerShell script resets all permissions with "Read". Please note, These methods doesn't control Site Collection Administrators!
Post updated on:
2020-08-02T05:33:52Z
Related Posts:
No comments:
Please Login and comment to get your questions answered!