1

When I remove the roleassignments for the group on the list, this also removes the roleassignments for the subfolders. (BreakInheritance == True for the subfolders. )

My code:

//BreakRoleInheritance on list
list.BreakRoleInheritance(true);

//Initiate a roledefinition for read only
SPRoleDefinition readerRoleDef = web.RoleDefinitions.GetByType(SPRoleType.Reader);

//Creates a roleassignment bound to the group
SPRoleAssignment readerRole = new SPRoleAssignment(group);

//Add the definition to the roleassignment
readerRole.RoleDefinitionBindings.Add(readerRoleDef);

//Gets the roledefinitions for the given group
var roleAssignements = list.RoleAssignments.Cast<SPRoleAssignment>().Where(r => r.Member.ID == group.ID);

//I would like to to something like this, but this code here affects roleassignments on subfolders as well: 
roleAssignements.ToList().ForEach(r => list.RoleAssignments.RemoveById(r.Member.ID)); 

//Add the new, read role assignment
list.RoleAssignments.Add(readerRole);

//Save changes to the list
list.Update();

Can someone point me in the right direction?

Morten
  • 87
  • 1
  • 9

1 Answers1

1

This behavior is by design. It's like a chain. If you break up the inheritance and define new assignments for an object (list), all sub objects (sub folders) will now inherit the new assignments because they no more have connection to the parent object (website) of the object (list) on which the inheritance was broken.

If you want the sub folders to have the same assignments as the list's parent object (website). Try the following:

  1. Break up the inheritance on the list as you did in you code.
  2. Then break up the inheritance for each sub folder also with the parameter set to true when calling BreakRoleInheritance(). At the moment all objects should still have the same assignments but without inheriting them form the parent object.
  3. If you now edit the assignments for the list the sub folders will still have the assignments of the list's parent object (website).

But as the chain was broke up. Any changes you make on the website won't affect the sub folders. If the website and the sub folders should still be in sync (regarding the assignments) you have to assure this by yourself some how.

Flo
  • 27,355
  • 15
  • 87
  • 125
  • @Flo: +1 Very good explanation. I'm wondering what the requirements are since this seems strange... – Kit Menke Apr 05 '11 at 19:15
  • Yes, the requirements would be really interesting. – Flo Apr 05 '11 at 19:17
  • Hi Flo, each subfolder already has BreakroleInheritance = true. The problem occur when I iterate the roleassignments and delete them from the list. I was hoping the subfolders would not be affected. My next approach will be to preserve the subfolders roleassignments in variables, and apply them after deleting the roleassignments for the list. But this seems like a bad practice... – Morten Apr 06 '11 at 11:58
  • You break the role inheritance for the sub folders too? I can only see that you break it for the list. Or is this part of the code missing? – Flo Apr 06 '11 at 13:40
  • Hi Flo, HasUniquePermissions is already set true on the subfolders, so I guess it should not be necessary for me to call the method BreakRoleInheritance on the subfolders. When I applied the "readerRole", I verified that the subfolders didn't get affected, only the list itself got the applied roleassignment. – Morten Apr 07 '11 at 08:55
  • So applying a new role to the list doesn't affect the sub folders but deleting the assignments for the group on the list does affect the sub folders, right? – Flo Apr 07 '11 at 10:03
  • That sounds really weird. Nevertheless can you try to break the inheritance also on each sub folder and see what happens then? – Flo Apr 07 '11 at 10:34
  • Hi Flo, I updated the code and called BreakRoleInheritance on subfolders like this: list.Folders.Cast().ToList().ForEach(item => item.BreakRoleInheritance(false)); When I removed the roleassignments from the list, the roleassignments for the subfolders still got deleted. (I used this code to delete roleassignments: roleAssignements.ToList().ForEach(r => list.RoleAssignments.RemoveById(r.Member.ID)); ) – Morten Apr 07 '11 at 12:32
  • I think you must call BreakRoleInheritance(true), otherwise all role assignments on a folder gets delete. – Flo Apr 07 '11 at 15:10
  • Hi Flo! Sorry for the late response, you are right, of course. I changed the code, but this did not affect the result. (And as I've already mentioned earlier, HasUniquePermissions was set "True" on folders initially) – Morten Apr 12 '11 at 11:26
  • Mh, I suggest you post your question on http://sharepoint.stackexchange.com which started its beta phase just a few days ago. Perhaps you got a solution for you problem there. – Flo Apr 12 '11 at 11:43