OBJECTIVE
How to remove Roles for: single user, all users, groups or everybody.
The following is a variable used in the code:
- Web: the SPWeb object of the sub site you want to manage.
1) REMOVE ALL ROLES
2) REMOVE ALL ROLES ONLY FOR USERS
3) REMOVE ALL ROLES ONLY FOR GROUPS
4) REMOVE SINGLE USER ROLES
5) REMOVE A SPECIFIC ROLE DEFINITION FOR EVERYBODY
6) REMOVE A SPECIFIC ROLE DEFINITION FOR A USER
1) REMOVE ALL ROLES
SPRoleAssignmentCollection SPRoleAssColn = Web.RoleAssignments;
for (int i = SPRoleAssColn.Count - 1; i >= 0; i--)
{
SPRoleAssColn.Remove(i);
}
2) REMOVE ALL ROLES ONLY FOR USERS
SPRoleAssignmentCollection SPRoleAssColn = Web.RoleAssignments;
for (int i = SPRoleAssColn.Count - 1; i >= 0; i--)
{
SPRoleAssignment roleAssignmentSingle = SPRoleAssColn[i];
System.Type t = roleAssignmentSingle.Member.GetType();
if(t.Name=="SPUser")
SPRoleAssColn.Remove(i);
}
3) REMOVE ALL ROLES ONLY FOR GROUPS
SPRoleAssignmentCollection SPRoleAssColn = Web.RoleAssignments;
for (int i = SPRoleAssColn.Count - 1; i >= 0; i--)
{
SPRoleAssignment roleAssignmentSingle = SPRoleAssColn[i];
System.Type t = roleAssignmentSingle.Member.GetType();
if(t.Name=="SPGroup")
SPRoleAssColn.Remove(i);
}
4) REMOVE SINGLE USER ROLES:
private void RemoveUserRoles(SPUser user)
{
SPRoleAssignmentCollection SPRoleAssColn = Web.RoleAssignments;
for (int i = SPRoleAssColn.Count - 1; i >= 0; i--)
{
SPRoleAssignment roleAssignmentSingle = SPRoleAssColn[i];
SPPrincipal wUser = (SPPrincipal)user;
if (roleAssignmentSingle.Member.ID == wUser.ID)
{
SPRoleAssColn.Remove(i);
}
}
}
5) REMOVE SPECIFIC ROLE DEFINITION FOR EVERYBODY:
Ex. Remove the Read permission from all the people or groups
private static void RemoveSpecificRole(SPRoleType Role, SPWeb Web)
{
SPRoleAssignmentCollection SPRoleAssColn = Web.RoleAssignments;
for (int i = SPRoleAssColn.Count - 1; i >= 0; i--)
{
SPRoleAssignment roleAssignmentSingle = SPRoleAssColn[i];
for (int j = roleAssignmentSingle.RoleDefinitionBindings.Count -1; j>=0; j--)
{
SPRoleDefinition roleDefinitionSingle = roleAssignmentSingle.RoleDefinitionBindings[j];
if (roleDefinitionSingle.Type == Role)
{
roleAssignmentSingle.RoleDefinitionBindings.Remove(roleDefinitionSingle);
roleAssignmentSingle.Update();
}
}
}
}
6) REMOVE SPECIFIC ROLE DEFINITION FOR A USER:
Ex. Remove the Contribute permission to a specific user.
private static void RemoveSpecificRoleForUser(SPUser user, SPRoleType Role, SPWeb Web)
{
SPRoleAssignmentCollection SPRoleAssColn = Web.RoleAssignments;
for (int i = SPRoleAssColn.Count - 1; i >= 0; i--)
{
SPRoleAssignment roleAssignmentSingle = SPRoleAssColn[i];
SPPrincipal wUser = (SPPrincipal)user;
if (roleAssignmentSingle.Member.ID == wUser.ID)
{
for (int j = roleAssignmentSingle.RoleDefinitionBindings.Count; j>=0; j--)
{
SPRoleDefinition roleDefinitionSingle = roleAssignmentSingle.RoleDefinitionBindings[j];
if (roleDefinitionSingle.Type == Role)
{
roleAssignmentSingle.RoleDefinitionBindings.Remove(roleDefinitionSingle);
roleAssignmentSingle.Update();
}
}
}
}
}