How to Set Permissions to a Document Library in SharePoint Online?

Requirement: Set Permissions on a SharePoint Online Document Library.

How to Grant Access to a Document Library in SharePoint Online?
Any document library created in SharePoint inherits permissions from its parent site by default. However, you may have to restrict access to a document library in SharePoint Online at times. Here are the steps to set permissions on a document library in SharePoint Online.
  • Login to your SharePoint Online site >> Navigate to the specific document library you want to change permission.
  • Click on Settings gear >> Choose "Library Settings" menu item. This takes you to the library settings page.
    how to grant access to a document library in sharepoint online
  • Click on "Permissions for this document library" link under "Permissions and Management" group.
    how to restrict access to a document library in sharepoint online
  • Click on "Stop Inheriting Permissions" button on the ribbon and confirm the prompt. Now you can add or remove users and groups to the document library to restrict permissions.
    how to share a document library in sharepoint online
  • Select users and groups and click on "Remove user permissions" button to remove unnecessary users. To add additional users to the document library, Click on "Grant Permissions" and add people or groups then set necessary permissions.

Please note, the above steps either provides access to the specific document library or restricts permissions to it without altering any permissions at the site level.

PowerShell to Restrict Access to a Document library in SharePoint Online
We can set permissions on a document library in SharePoint Online with PowerShell as well. Here is the PowerShell to grant access to a document library:

#Config Variables
$SiteURL = "https://crescent.sharepoint.com/sites/marketing"
$ListName ="Branding"
$UserID = "[email protected]"
$GroupName = "Marketing Members"

Try {
    #Connect to PnP Online
    Connect-PnPOnline -Url $SiteURL -UseWebLogin
    
    #Get the List
    $List = Get-PnPList -Identity $ListName

    #Break Permission Inheritance of the Library - Remove all existing permissions
    Set-PnPList -Identity $ListName -BreakRoleInheritance

    #Grant Edit permissions on Library to User
    Set-PnPListPermission -Identity $ListName -AddRole "Edit" -User $UserID
 
    #Grant Read permission on document library to the Group
    Set-PnPListPermission -Identity $ListName -AddRole "Read" -Group $GroupName

}
Catch {
    Write-host "Error: $($_.Exception.Message)" -foregroundcolor Red
}
Similarly, to restrict access to a document library by removing existing users and groups, use:
#Config Variables
$SiteURL = "https://crescent.sharepoint.com/sites/marketing"
$ListName ="Branding"
$UserID = "i:0#.f|membership|[email protected]"
$GroupName = "Marketing Members"

Try {
    #Connect to PnP Online
    Connect-PnPOnline -Url $SiteURL -UseWebLogin
    
    #Get the List
    $List = Get-PnPList -Identity $ListName
    $User = Get-PnPUser -Identity $UserID
    $Group = Get-PnPGroup -Identity $GroupName
 
    #Break Permission Inheritance of the Library - Remove all existing permissions
    Set-PnPList -Identity $ListName -BreakRoleInheritance -CopyRoleAssignments

    #Remove the user and group from document library permissions
    $List.RoleAssignments.GetByPrincipal($User).DeleteObject()
    Invoke-PnPQuery
    $List.RoleAssignments.GetByPrincipal($Group).DeleteObject()
    Invoke-PnPQuery
}
Catch {
    Write-host "Error: $($_.Exception.Message)" -foregroundcolor Red
}

No comments:

Please Login and comment to get your questions answered!

Powered by Blogger.