PSEdition

SharePoint Extension for 2010, 2013


This project is designated for SharePoint Administrators / Developers for better managing SharePoint / C# object via this custom API with their most familiar tools, Administrator (PowerShell), Developers (C# / SharePoint).

How to use this extension:

  • To simply use it in your environment without deploying via SharePoint solution, you can simply add this extension to the GAC (Global Assembly Cache).
gacutil -i psedition.dll

Remark: gacutil can be found in the .Net Framework folder.

  • To include this dll in your SharePoint solution, you should add reference to your solution, and mark as safe control under the package.package in order to use it with farm solution.

Key Feature:

  • Manipulate SharePoint Permission in a easier way  
  • Permission Serialization and deserialization in XML format (new feature in 1.1+ version)
  • Serializer to serialize object in XML format (C#)
  • Encryption and Decryption using AES (C#)
Please reference to documentation for the API: Documentation
 
Related Project:

Usage:
Cmdlet
 
# Add Reference to cmdlet
[Reflection.Assembly]::LoadWithPartialName("PSEdition") | Out-Null

# Getting configuration under SharePoint Management Shell
$w=get-spweb "http://yoursitecollection"
$e=$w.Lists["Events"]
$read=$w.RoleDefinitions["Read"]
$cont=$w.RoleDefinitions["Contribute"]
$dr=$w.Groups["Document Reader"]
$m=$w.SiteGroups["Manager Group"]
# Granting FBA User from cmdlet
Write-Host "`n---Grant channel d user to site readers`n"
$fba = New-SPClaimsPrincipal -Identity "membership:the FBA user / group" -IdentityType "FormsUser"
$claims = $w.EnsureUser($fba.ToEncodedString())
$dr.AddUser($claims)

# Event Permission Trimming
Write-Host "`n---Event Permission Trimming`n"
$retainLimitedAccess = $false
[PSEdition.SharePointPermission]::clearPermission($e,$retainLimitedAccess)
// Grant Document Reader as Read
[PSEdition.SharePointPermission]::LockAs($e,$read, $dr,$retainLimitedAccess)
// Grant Manager as Contribute
[PSEdition.SharePointPermission]::LockAs($e,$cont, $m,$retainLimitedAccess)
// Grant All assigned user / group as Read
[PSEdition.SharePointPermission]::LockAllAs($e,$read,$retainLimitedAccess)

# The clonedPermission collection is manageable and is serialized

$clonedPermission = [PSEdition.SharePointPermission]::ConvertPermissions(SPWeb / SPList / SPListItem)
$retainLimitedAccess = $true
[PSEdition.SharePointPermission]::Unlock($clonedPermission, $retainLimitedAccess)

C#

SPList t; // Some list get from SPWeb, it can be SPWeb / SPList / SPListItem that inherited from SPSecurableObject 
SPRoleDefinition role; // Some role get from SPWeb
t.LockAllAs(role) // All existing SPUser / SPGroup in the SPSecurableObject change to certain right

bool retainLimitedAccess = false;
t.clearPermission(retainLimitedAccess); // clear all permissions in the SPSecurableObject 
t.LockAs(role, SPUser / SPGroup, retainLimitedAccess) // Grant particular user / group as certain right 

// Example: Manipulating SPList permission

 PSPermission custom = t.ConvertPermission(); // Convert SP object to a editable permission objects.
custom.Remove("string of the user / group", "string of the role");
custom.Remove("string of the user / group", new string[] { "array of string of the role" ]);
custom.Remove("string of the user / group");
custom.Add(SPPrincpials userorgroup, SPRoleDefinition role);
custom.Add(SPPrincpials userorgroup, new SPRoleDefinition[] { role1, role2 });
t.UnLock(custom, true / false); // Remain limited access to the SPSecurableObject or not, true is yes, false is no, default is yes)

Last edited Oct 11, 2016 at 2:32 AM by z9ekaMen1, version 24