How to Copy Permissions from One Folder to Another in SharePoint Online using PowerShell?

Requirement: Copy permissions from one folder to another in SharePoint Online.

How to Copy Permissions from One Folder to Another in SharePoint Online using PowerShell?

SharePoint Online Copy Permissions from one folder to Another using PowerShell

Ever wanted to clone permissions from an existing folder to a new folder in SharePoint Online? When working with SharePoint Online, there may be times when you need to copy permissions from one folder to another. It can be a tedious process if you have to do it manually and there are no easier ways to do this without using 3rd party tools. Well, Not anymore! Here is the PowerShell script to copy permissions from one folder to another folder in SharePoint Online!

#PowerShell Function to copy permissions between Folders in SharePoint Online
Function Copy-PnPFolderPermissions
{
    [cmdletbinding()]
     param(
         [Parameter(Mandatory=$True)] [string] $WebURL,
         [Parameter(Mandatory=$True)] [string] $SourceFolderURL,
         [Parameter(Mandatory=$True)] [string] $TargetFolderURL,
         [Parameter(Mandatory=$False)] [Bool] $AppendToExisting = $True
     )
    Try {
        #Connect to PnP Online
        Connect-PnPOnline -Url $WebURL -Interactive

        #Get the Web
        $Web = Get-PnPweb
        $Ctx = Get-PnPContext

        #Get Source and Target Folders
        $SourceFolderItem = Get-PnPFolder -Url $SourceFolderURL -Includes ListItemAllFields.HasUniqueRoleAssignments
        $SourceFolder = $SourceFolderItem.ListItemAllFields
        $TargetFolderItem = Get-PnPFolder -Url $TargetFolderURL -Includes ListItemAllFields.HasUniqueRoleAssignments
        $TargetFolder = $TargetFolderItem.ListItemAllFields

        #if permissions are Inherited in Target Folder, Break the Inheritance
        If(!$TargetFolder.HasUniqueRoleAssignments)
        {
            If($AppendToExisting -eq $True)
            {
                #Break Folder permissions - keep all existing permissions & Clear Item level permissions
                $TargetFolder.BreakRoleInheritance($True,$False)
            }
            else
            {
                $TargetFolder.BreakRoleInheritance($False,$False)
            }
        }
        Else #If the Folder has unique Permissions already
        {
            If($AppendToExisting -eq $False)
            {
                $TargetFolder.ResetRoleInheritance()
                $TargetFolder.BreakRoleInheritance($False,$False)
            }
        }
        Invoke-PnPQuery

        #Get all permissions assigned to the source folder
        $SourceRoleAssignments = Get-PnPProperty -ClientObject $SourceFolder -Property RoleAssignments
 
        #Copy Source Folder permissions to Destination Folder
        ForEach($RoleAssignment in $SourceRoleAssignments)
        {
            #Get RoleDefinitions of the Role Assignment
            Get-PnPProperty -ClientObject $RoleAssignment -Property RoleDefinitionBindings, Member

            #Leave the Hidden permissions
            If($RoleAssignment.Member.IsHiddenInUI -eq $False)
            {
                $SourcePermissions = $RoleAssignment.RoleDefinitionBindings | Where {$_.Name -notin("Limited Access")}
                $PermissionLevels = ($SourcePermissions | Select -ExpandProperty Name) -join "; "

                If($SourcePermissions -ne $null)
                {
                    #Add Source Folder's Permission Level to the Target Folder
                    $RoleDefBindings = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($Ctx)
                    ForEach($RoleDefinition in $SourcePermissions)
                    {
                        $RoleDefBindings.Add($RoleDefinition)
                    }
                    $Permissions = $TargetFolder.RoleAssignments.Add($RoleAssignment.Member,$RoleDefBindings)
                    $TargetFolder.Update()
                    Invoke-PnPQuery
                    Write-host "Copied '$($RoleAssignment.Member.Title)' with Permissions '$PermissionLevels'"
                }
            }
        }
    }
    Catch {
        write-host -f Red "Error Copying Folder Permissions!" $_.Exception.Message
    }
}

#Set Parameters
$WebURL = "https://crescent.sharepoint.com/sites/Marketing"

#Server Relative URLs of Source and Target Folders
$SourceFolderURL = "/sites/Marketing/Shared Documents/Old"
$TargetFolderURL = "/sites/Marketing/Shared Documents/New"

#Call the function to copy Folder permissions 
Copy-PnPFolderPermissions -WebURL $WebURL -SourceFolderURL $SourceFolderURL -TargetFolderURL $TargetFolderURL

This script appends to existing permissions of the target folder by default. You can pass an optional parameter for -AppendToExisting with “$False” in case you want to clear all existing permissions of the target folder and copy permissions from the source folder.

Salaudeen Rajack

Salaudeen Rajack is a SharePoint Architect with Two decades of SharePoint Experience. He loves sharing his knowledge and experiences with the SharePoint community, through his real-world articles!

One thought on “How to Copy Permissions from One Folder to Another in SharePoint Online using PowerShell?

  • December 2, 2021 at 10:39 PM

    will this copy the data meta information forexample, modified by and modified date information?

    Reply

Leave a Reply