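  # Script setup: load the SharePoint client-side object model (CSOM) assemblies,
  # dot-source the Load-CSOMProperties helper, declare the shared script-level
  # variables and prompt for the connection details.

  # NOTE(review): the pasted listing had lost its path separators
  # ("C:Program FilesCommon Files..."); they are restored here.
  $csomDirectory = "C:\Program Files\Common Files\microsoft shared\Web Server Extensions\16\ISAPI"
  Add-Type -Path (Join-Path -Path $csomDirectory -ChildPath "Microsoft.SharePoint.Client.dll")
  Add-Type -Path (Join-Path -Path $csomDirectory -ChildPath "Microsoft.SharePoint.Client.Runtime.dll")

  # The helper script and the CSV export both live in the current working directory.
  $workingDirectory = (Get-Location).ToString()

  # NOTE(review): dot-sourcing executes whatever Load-CSOMProperties.ps1 is present
  # in the working directory with the caller's rights, so run this script only
  # from a directory whose contents you control.
  $pLoadCSOMProperties = Join-Path -Path $workingDirectory -ChildPath "Load-CSOMProperties.ps1"
  . $pLoadCSOMProperties

  # Template of empty fields used by PermissionObject to create each output record.
  $properties=@{SiteUrl='';SiteTitle='';ListTitle='';Type='';RelativeUrl='';ParentGroup='';MemberType='';MemberName='';MemberLoginName='';Roles='';};

  $UserInfoList="";

  $RootWeb="";

  $RootSiteTitle="";
  $ExportFileDirectory = $workingDirectory;

  $SiteCollectionUrl = Read-Host -Prompt "Enter site collection URL: ";

  $Username = Read-Host -Prompt "Enter userName: ";

  # -AsSecureString keeps the password from being echoed while typed and stores
  # it as a SecureString rather than as a plain string.
  $password = Read-Host -Prompt "Enter password: " -AsSecureString ;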
  # Builds one permission record for the export.
  # A new PSObject is created from the script-level $properties template and every
  # field is then filled from the matching argument. $_roleDefinitionBindings is a
  # collection of role names and is stored as a single comma-separated string.
  # $_object is accepted for call-site compatibility but is not read here.
  # Returns the populated PSObject.
  Function PermissionObject($_object,$_type,$_relativeUrl,$_siteUrl,$_siteTitle,$_listTitle,$_memberType,$_parentGroup,$_memberName,$_memberLoginName,$_roleDefinitionBindings)
  {
      $record = New-Object -TypeName PSObject -Property $properties;

      # Field name -> value for this record.
      $fieldValues = @{
          SiteUrl         = $_siteUrl;
          SiteTitle       = $_siteTitle;
          ListTitle       = $_listTitle;
          Type            = $_type;
          RelativeUrl     = $_relativeUrl;
          MemberType      = $_memberType;
          ParentGroup     = $_parentGroup;
          MemberName      = $_memberName;
          MemberLoginName = $_memberLoginName;
          Roles           = ($_roleDefinitionBindings -join ",");
      };

      foreach ($fieldName in $fieldValues.Keys)
      {
          $record.$fieldName = $fieldValues[$fieldName];
      }

      return $record;
  }
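  # Collects the role assignments of one securable object (web, list or item)
  # and returns them as an array of permission records.
  #
  # Parameters:
  #   $_web         - the web whose SiteGroups are used to expand group members
  #   $_object      - the object whose RoleAssignments are read
  #   $_Type        - label stored in each record; "Site" additionally triggers
  #                   expansion of group members
  #   $_RelativeUrl, $_siteUrl, $_siteTitle, $_listTitle - copied into each record
  #
  # Relies on the script-level $ctx (the CSOM client context) and on the
  # dot-sourced Load-CSOMProperties helper. Every ExecuteQuery call is a round
  # trip to the server.
  Function QueryUniquePermissionsByObject($_web,$_object,$_Type,$_RelativeUrl,$_siteUrl,$_siteTitle,$_listTitle)
  {
      $_permissions = @();

      # The site groups do not change between role assignments, so they are
      # fetched at most once, the first time a group has to be expanded,
      # instead of once per role assignment.
      $collGroups = $null;

      Load-CSOMProperties -object $_object -propertyNames @("RoleAssignments");
      $ctx.ExecuteQuery();

      foreach ($roleAssign in $_object.RoleAssignments)
      {
          Load-CSOMProperties -object $roleAssign -propertyNames @("RoleDefinitionBindings","Member");
          $ctx.ExecuteQuery();

          # Names of the permission levels bound to this assignment.
          $RoleDefinitionBindings = @();
          foreach ($binding in $roleAssign.RoleDefinitionBindings)
          {
              Load-CSOMProperties -object $binding -propertyNames @("Name");
              $ctx.ExecuteQuery();
              $RoleDefinitionBindings += $binding.Name;
          }

          # Only members whose CSOM type name is "Group" or "User" are reported.
          $MemberType = $roleAssign.Member.GetType().Name;
          if ($MemberType -ne "Group" -and $MemberType -ne "User")
          {
              continue;
          }

          Load-CSOMProperties -object $roleAssign.Member -propertyNames @("LoginName","Title");
          $ctx.ExecuteQuery();

          $MemberName = $roleAssign.Member.Title;
          $MemberLoginName = $roleAssign.Member.LoginName;

          # A directly assigned user has no parent group; a group is its own parent.
          if ($MemberType -eq "User")
          {
              $ParentGroup = "NA";
          }
          else
          {
              $ParentGroup = $MemberName;
          }

          $_permissions += (PermissionObject $_object $_Type $_RelativeUrl $_siteUrl $_siteTitle $_listTitle $MemberType $ParentGroup $MemberName $MemberLoginName $RoleDefinitionBindings);

          # At site level, also emit one "GroupMember" record per user in the group.
          if ($_Type -eq "Site" -and $MemberType -eq "Group")
          {
              if ($null -eq $collGroups)
              {
                  $collGroups = $_web.SiteGroups;
                  $ctx.Load($collGroups);
                  $ctx.ExecuteQuery();
              }

              foreach ($group in $collGroups)
              {
                  # Groups are matched to the role assignment by title.
                  if ($group.Title -ne $MemberName)
                  {
                      continue;
                  }

                  $ctx.Load($group.Users);
                  $ctx.ExecuteQuery();

                  foreach ($groupUser in $group.Users)
                  {
                      Load-CSOMProperties -object $groupUser -propertyNames @("LoginName");
                      $ctx.ExecuteQuery();

                      $_permissions += (PermissionObject $_object "Site" $_RelativeUrl $_siteUrl $_siteTitle "" "GroupMember" $group.Title $groupUser.Title $groupUser.LoginName $RoleDefinitionBindings);
                  }
              }
          }
      }

      return $_permissions;
  }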
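  # Reports the unique (non-inherited) permissions found in one web: on the web
  # itself, on each visible list with unique role assignments and, for document
  # libraries, on each item with unique role assignments.
  #
  # Parameters:
  #   $_web - the web to inspect
  # Returns an array of permission records produced by QueryUniquePermissionsByObject.
  #
  # Relies on the script-level $ctx (the CSOM client context) and on the
  # dot-sourced Load-CSOMProperties helper.
  Function QueryUniquePermissions($_web)
  {
      $permissions = @();

      # Write-Host takes its pieces as separate arguments; the original
      # '"text" + $value' form printed a literal "+".
      Write-Host "Querying web" $_web.Title;

      $siteUrl = $_web.Url;
      $siteRelativeUrl = $_web.ServerRelativeUrl;
      $siteTitle = $_web.Title;

      Write-Host $siteUrl -Foregroundcolor "Red";

      Load-CSOMProperties -object $_web -propertyNames @("HasUniqueRoleAssignments");
      $ctx.ExecuteQuery()
      ## See more at: https://www.itunity.com/article/loading-specific-values-lambda-expressions-sharepoint-csom-api-windows-powershell-1249#sthash.2ncW42CM.dpuf

      # Site-level permissions, only when the web does not inherit them.
      if ($_web.HasUniqueRoleAssignments -eq $True)
      {
          $permissions += (QueryUniquePermissionsByObject $_web $_web "Site" $siteRelativeUrl $siteUrl $siteTitle "");
      }

      # All lists in the web.
      $ll = $_web.Lists
      $ctx.Load($ll);
      $ctx.ExecuteQuery()

      Write-Host "Number of lists" $ll.Count

      foreach ($list in $ll)
      {
          Load-CSOMProperties -object $list -propertyNames @("RootFolder","Hidden","HasUniqueRoleAssignments");
          $ctx.ExecuteQuery()

          $listUrl = $list.RootFolder.ServerRelativeUrl;

          # Skip hidden (internal system) lists.
          if ($list.Hidden -eq $True)
          {
              continue;
          }

          Write-Host $list.Title -Foregroundcolor "Yellow";
          $listTitle = $list.Title;

          # Lists that inherit their permissions are not reported, and their
          # items are not inspected either.
          if ($list.HasUniqueRoleAssignments -ne $True)
          {
              continue;
          }

          $Type = $list.BaseType.ToString();
          $permissions += (QueryUniquePermissionsByObject $_web $list $Type $listUrl $siteUrl $siteTitle $listTitle);

          if ($list.BaseType -ne "DocumentLibrary")
          {
              continue;
          }

          #TODO Get permissions on folders
          # The folder collection is loaded here but not yet used.
          $rootFolder = $list.RootFolder;
          $listFolders = $rootFolder.Folders;
          $ctx.Load($rootFolder);
          $ctx.Load($listFolders);
          $ctx.ExecuteQuery();

          # Fetch every item, page by page; ListItemCollectionPosition is $null
          # after the last page.
          $spQuery = [Microsoft.SharePoint.Client.CamlQuery]::CreateAllItemsQuery()

          # A generic list avoids re-copying an array on every append, which
          # matters for large libraries.
          $collListItem = New-Object 'System.Collections.Generic.List[object]';

          do
          {
              $listItems = $list.GetItems($spQuery);
              $ctx.Load($listItems);
              $ctx.ExecuteQuery();
              $spQuery.ListItemCollectionPosition = $listItems.ListItemCollectionPosition
              foreach ($item in $listItems)
              {
                  $collListItem.Add($item);
              }
          }
          while ($spQuery.ListItemCollectionPosition -ne $null)

          Write-Host $collListItem.Count

          foreach ($item in $collListItem)
          {
              Load-CSOMProperties -object $item -propertyNames @("File","HasUniqueRoleAssignments");
              $ctx.ExecuteQuery();

              # NOTE(review): presumably folder items have no File; confirm how
              # this load behaves for them.
              Load-CSOMProperties -object $item.File -propertyNames @("ServerRelativeUrl");
              $ctx.ExecuteQuery();

              $fileUrl = $item.File.ServerRelativeUrl;
              $file = $item.File;

              if ($item.HasUniqueRoleAssignments -eq $True)
              {
                  $Type = $file.GetType().Name;
                  $permissions += (QueryUniquePermissionsByObject $_web $item $Type $fileUrl $siteUrl $siteTitle $listTitle);
              }
          }
      }

      return $permissions;
  }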
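  # Main flow: connect to the site collection, gather the unique permissions of
  # the root web and of each web in $rootWeb.Webs, and export them to
  # "<root site title>-Permissions.csv" in $ExportFileDirectory.

  # SharePointOnlineCredentials is used below, so the target is expected to be
  # an https:// site; refusing anything else keeps the authenticated session off
  # unencrypted connections and catches mistyped URLs early.
  $siteUri = $null;
  $isHttpsUrl = [System.Uri]::TryCreate($SiteCollectionUrl, [System.UriKind]::Absolute, [ref]$siteUri) -and ($siteUri.Scheme -eq "https");

  if (-not (Test-Path $ExportFileDirectory))
  {
      Write-Host "Invalid directory path:" $ExportFileDirectory -ForegroundColor "Red";
  }
  elseif (-not $isHttpsUrl)
  {
      Write-Host "Site collection URL must be an absolute https:// URL:" $SiteCollectionUrl -ForegroundColor "Red";
  }
  else
  {
      # Only the user name is echoed. The password is deliberately not written to
      # the console: credentials do not belong in console output or transcripts.
      Write-Host $Username

      $ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteCollectionUrl);

      try
      {
          $ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Username, $password);

          $rootWeb = $ctx.Web
          $ctx.Load($rootWeb)
          $ctx.Load($rootWeb.Webs)
          $ctx.ExecuteQuery()

          # Root web of the site collection.
          $RootSiteTitle = $rootWeb.Title;
          $RootWeb = $rootWeb;

          # Array storing all permission records.
          $Permissions = @();

          # Root web, i.e. site collection level.
          $Permissions += (QueryUniquePermissions $RootWeb);
          Write-Host $Permissions.Count;

          # Only the webs in $rootWeb.Webs are visited here.
          Write-Host "Querying Number of webs " $rootWeb.Webs.Count ;
          foreach ($web in $rootWeb.Webs)
          {
              $Permissions += (QueryUniquePermissions $web);
              Write-Host "Web : " $web.Title "Count" $Permissions.Count
          }

          # The site title comes from the server and may contain characters that
          # are not valid in a file name (or path separators), so they are
          # replaced before the title becomes part of the export path.
          $safeSiteTitle = [string]$RootSiteTitle;
          foreach ($invalidChar in [System.IO.Path]::GetInvalidFileNameChars())
          {
              $safeSiteTitle = $safeSiteTitle.Replace([string]$invalidChar, "_");
          }
          $exportFilePath = Join-Path -Path $ExportFileDirectory -ChildPath $([string]::Concat($safeSiteTitle,"-Permissions.csv"));

          Write-Host $Permissions.Count

          # NOTE(review): the CSV lists login names and their roles, so store it
          # with restricted access. Titles and names are taken verbatim from the
          # site; a value starting with =, +, - or @ can be read as a formula by
          # spreadsheet software, so treat the file as untrusted input when
          # opening it.
          $Permissions|Select-Object SiteUrl,SiteTitle,Type,RelativeUrl,ListTitle,MemberType,MemberName,MemberLoginName,ParentGroup,Roles|Export-CSV -Path $exportFilePath -NoTypeInformation;
      }
      finally
      {
          # Release the client context even when a query fails.
          $ctx.Dispose();
      }
  }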