Introduction:
The following SharePoint Application Page with C# in line code enumerates all the roles assignments of a Windows SharePoint Services 3.0 or MOSS site collection and displays pirticular web site from which the page has been called:
- The role member and reports if it is a Group or an User.
- If it is a group, displays the number of users in the Group and the users list.
- If it is a group, displays the permissions for all significant Site Collection elements (if inheritance was broken for a List, a Folder or an Item, this will be specified). It is information at a cross-site level.
- In any case (User or group), displays the Roles list for the current web site.
- In any case (User or group), displays for each previous roles, the Roles Permissions list.
This post and its code sample is an improvement of the previous post Enumerate Role Assignments to retrieve Groups and Users Permissions in a Windows SharePoint Services 3.0 or MOSS Site . I also did this new post to help a reader that has asked me information about SharePoint Roles and Permissions reporting.
Why to use it?
In Windows SharePoint Services 3.0, access to Web sites, lists, folders, and list items is controlled through a role-based membership system by which users are assigned to roles that authorize their access to Windows SharePoint Services objects.
To give a user access to an object, you can do so either by adding the user to a group that already has permissions on the object, or by creating a role assignment object, setting the user for the role assignment, optionally binding the role assignment to the appropriate role definition with base permissions, and then adding the assignment to the collection of role assignments for the list item, folder, list, or Web site. If you do not bind the role assignment to a role definition when assigning a user to a role, the user has no permission.
As there is two ways of granting permissions to a specific user, this can easily lead to a lack of organization regarding Security Granting Policy, and you may have some SharePoint sites to clean up.
When you want to check the users and the groups present in a Site Collection web sites and their role, it can take time doing it by browsing "People and Group" administration pages for each web site. It would be nice to display all the information in a single report. The following code sample will give you this kind of report, and it will be easier for you to reorder Users and Groups using it.
How to use it?
- Download CheckUsersAndPermission.aspx file to "%12%\TEMPLATE\LAYOUTS"
- Add "<asp:MenuItem Text="Advanced User Permission Details" NavigateUrl="checkUsersAndPermission.aspx" />", after "<asp:MenuItem Text="<%$Resources:wss,people_sitepermissions%>" NavigateUrl="user.aspx"/>" for the following files in "%12%\TEMPLATE\LAYOUTS"
- people.aspx
- user.aspx
- groups.aspx
- Now you can go to any site>People and Groups, on left Site menus you can see
File(Source Code) : CheckUsersAndPermission.aspx (18.87 kb)
File(Source Code) : CheckUsersAndPermission.aspx (18.87 kb) (Version2)
thanks to Marc Charmois