Blog链接:https://blog.51cto.com/13969817
如我们所了解的,默认的情况下,SharePoint Online没有内置功能支持将现有文档库或者列表的权限复制到同一网站下的其他文档库或者列表中,如果我们需要在不使用第三方工具的情况下,快速的将用户或者组授予从一个已存在的文档库或者列表中复制到其他的文档库或者列表中,该如何实现呢?
解决方案:如之前文章我们所介绍的,我们可以借助Powershell脚本实现同一个网站中的文档库或者列表权限迁移,今天我们调用Copy-PnPListPermissions函数来实现该需求。
以源端Support Training文档库的权限为例,具体操作步骤如下所示:
1. 连接PnPOnline,命令如下:
2. 获取WebURL,并赋给$WebURL,命令如下:
$WebURL = https://mvptrainingcn.sharepoint.com/sites/Contoso_China
3. 获取源端要复制文档库的URL,并赋给$SourceListName命令如下:
$SourceListName= "Support Training"
4. 获取目的端的文档库URL,并赋给$ $TargetListName,命令如下:
$TargetListName= "Training Documents"
5. 调用函数Copy-PnPListPermissions,命令如下所示:
Function Copy-PnPListPermissions
{
[cmdletbinding()]
param(
[Parameter(Mandatory=$True)] [string] $WebURL,
[Parameter(Mandatory=$True)] [string] $SourceListName,
[Parameter(Mandatory=$True)] [string] $TargetListName,
[Parameter(Mandatory=$False)] [Bool] $AppendToExisting = $True
)
Try {
Connect-PnPOnline -Url $WebURL -Interactive
$Web = Get-PnPweb
$Ctx = Get-PnPContext
$SourceList = Get-PnPList $SourceListName -Includes HasUniqueRoleAssignments -ThrowExceptionIfListNotFound
$TargetList = Get-PnPList $TargetListName -Includes HasUniqueRoleAssignments -ThrowExceptionIfListNotFound
If(!$TargetList.HasUniqueRoleAssignments)
{
If($AppendToExisting -eq $True)
{
Set-PnPList -Identity $TargetList -BreakRoleInheritance -CopyRoleAssignments
}
else
{
Set-PnPList -Identity $TargetList -BreakRoleInheritance
}
}
Else
{
If($AppendToExisting -eq $False)
{
Set-PnPList -Identity $TargetList -ResetRoleInheritance
Set-PnPList -Identity $TargetList -BreakRoleInheritance
}
}
$SourceRoleAssignments = Get-PnPProperty -ClientObject $SourceList -Property RoleAssignments
ForEach($RoleAssignment in $SourceRoleAssignments)
{
Get-PnPProperty -ClientObject $RoleAssignment -Property RoleDefinitionBindings, Member
If($RoleAssignment.Member.IsHiddenInUI -eq $False)
{
$SourcePermissions = $RoleAssignment.RoleDefinitionBindings | Where {$_.Name -notin("Limited Access")}
$PermissionLevels = ($SourcePermissions | Select -ExpandProperty Name) -join "; "
If($SourcePermissions -ne $null)
{
#Grant Source List's Permission Level to the Target List
$RoleDefBindings = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($Ctx)
ForEach($RoleDefinition in $SourcePermissions)
{
$RoleDefBindings.Add($RoleDefinition)
}
$Permissions = $TargetList.RoleAssignments.Add($RoleAssignment.Member,$RoleDefBindings)
$TargetList.Update()
Invoke-PnPQuery
Write-host "Copied '$($RoleAssignment.Member.Title)' with Permissions '$PermissionLevels'"
}
}
}
}
Catch {
write-host -f Red "Error Copying List Permissions!" $_.Exception.Message
}
}
说明:
- 调用该函数仅仅是将权限从源端文档库复制到目的端已经存在的文档库,并非将目的端文档库的权限清除,再将源端文档库的权限复制到目的端文档库
- 文档库或者列表权限复制仅限于同一个网站之间,若跨不同网站之间转移,需要额外修改脚本
- 执行权限复制,命令如下:
Copy-PnPListPermissions -WebURL $WebURL -SourceListName
$SourceListName -TargetListName $TargetListName
执行成功,权限已经成功复制到目的端,关于跨网站支持文档库或者列表的权限复制,将涉及User和Role是否存在的判断,相对较复杂,若大家日后有类似需求,欢迎线下交流。
