ALL Users Permissions reports at Web Application Level through Powershell

Friday, April 2, 2021

Export the Full control, permission type and modified date, across sub sites on SharePoint online Site collection.

<#*****-----------------------------------------------------------------------******
Author -> Shiv Mangal Singh Tomar

Date -> 3rd April - 2021

Description -> This Script will generate the Full control, permission type and modified date, across sub sites on SharePoint online Site collection.

******-----------------------------------------------------------------------******#>

##Variables

$SiteURL = "https://contososmstomar93.sharepoint.com/sites/PowerAppsSMS"

$FileUrl = "D:\PowerShell\Report\SubSites_Report.csv"

#Connect to Site Collection

Connect-PnPonline -Url $SiteURL -UseWebLogin

#Get the web

$Site = Get-PnPWeb

# Create header for Report in CSV file

"Site Url `t Site Modified `t SharePoint Group/ Direct Permission `t GroupUser/ User `t PermissionType `t PermissionLevel " | out-file $FileUrl

#Get the Webs/ sub sites

$Web = Get-PnPSubWebs -Recurse -Includes RoleAssignments, LastItemModifiedDate

# Loop through each sub sites

foreach($Subsite in $Web)

{

foreach($RoleAssignment in $Subsite.RoleAssignments)

{

#Get the Permission Levels assigned and Member

Get-PnPProperty -ClientObject $RoleAssignment -Property RoleDefinitionBindings, Member

#Get the Full control permission Level

$PermissionLevels = ($RoleAssignment.RoleDefinitionBindings | Select -ExpandProperty Name | Where { $_ -eq "Full Control"} ) -join ","

#Leave Principals with no Permissions

If($PermissionLevels.Length -eq 0)

{

Continue

}
#Check direct permissions

$PermissionType = $RoleAssignment.Member.PrincipalType

#Get SharePoint group members

If($PermissionType -eq "SharePointGroup")

{

#Get Group Members

$GroupMembers = Get-PnPGroupMembers -Identity $RoleAssignment.Member.LoginName

#Leave Empty Groups

If($GroupMembers.count -eq 0)

{

Continue

}

$GroupUsers = ($GroupMembers | Select -ExpandProperty LoginName | Where { $_ -ne "SHAREPOINT\system"}) -join "; "

# Send the Data to Report file, from SharePoint Group

"$($Subsite.Url) `t $($Subsite.LastItemModifiedDate) `t $($RoleAssignment.Member.Title) `t $($GroupUsers) `t $($PermissionType) `t $($PermissionLevels)" | Out-File $FileUrl -Append

}

else

{

# Send the Data to Report file, from direct user permission

"$($Subsite.Url) `t $($Subsite.LastItemModifiedDate) `t Direct Permission `t $($RoleAssignment.Member.LoginName) `t $($PermissionType) `t $($PermissionLevels)" | Out-File $FileUrl -Append

}

Saturday, November 28, 2015

Create, Update, Delete a List item Using Javascript Object Model (JSOM) in SharePoint 2010/2013

// Create a List item Using Javascript Object Model (JSOM) in SharePoint 2010/2013

<input type="text" name="txtTitle" id="txtTitle">Title</input><br/><br/>
<input type="text" name="txtEMPID" id="txtEMPID">Emp ID</input><br/><br/>
<input type="text" name="txtEMPNAME" id="txtEMPNAME">Emp Name</input>
<button id="btnAddItem" onclick="AddItem()">Add Item</button>

<script type="text/javascript">
function AddItem()
{
var clientContext = new SP.ClientContext.get_current();
var oList = clientContext.get_web().get_lists().getByTitle('employee');
var txtTitleName= document.getElementById("txtTitle").value;
var txtEMPLOYEEID= document.getElementById("txtEMPID").value;
var txtEMPLOYEENAME= document.getElementById("txtEMPNAME").value;
var item = new SP.ListItemCreationInformation();
var oListItem = oList.addItem(item);
oListItem.set_item('Title', txtTitleName);
oListItem.set_item('empid',txtEMPLOYEEID);
oListItem.set_item('empname',txtEMPLOYEENAME);
oListItem.update();
clientContext.load(oListItem);
clientContext.executeQueryAsync(
Function.createDelegate(this, this.onQuerySucceeded),
Function.createDelegate(this, this.onQueryFailed)
);
}
function onQuerySucceeded() {
alert('Item created!');
}
function onQueryFailed(sender, args) {
alert('Request failed. ' + args.get_message() +
'\n' + args.get_stackTrace());
}
</script>
// End code, Create a List item Using Javascript Object Model (JSOM)

====================================================================

// Update a List item Using Javascript Object Model (JSOM) in SharePoint 2010/2013
<input type="button" id="btnUpdateItem" onclick="UpdateItem()" value="Update Item"></input>
Enter Employee ID <input type="text" name="txtID" id="txtID"></input><br/><br/>
Enter the Text to update the Title: <input typr="text" name="txtContent" id="txtContent"></input><br/><br/><br/>
Enter the Text to update the Employee: <input typr="text" name="txtEMPName" id="txtEMPName"></input><br/><br/><br/>
<script type="text/javascript">
function UpdateItem()
{
var clientContext = new SP.ClientContext.get_current();
var oList = clientContext.get_web().get_lists().getByTitle('employee');
var txtEmployeeID= document.getElementById("txtID").value;
var oListItem = oList.getItemById(txtEmployeeID);
var txtContentValue=document.getElementById("txtContent").value;
var txtEmployeeValue = document.getElementById("txtEMPName").value;
oListItem.set_item('Title', txtContentValue);
oListItem.set_item('empname', txtEmployeeValue);
oListItem.update();
clientContext.executeQueryAsync(
Function.createDelegate(this, this.onQuerySucceeded),
Function.createDelegate(this, this.onQueryFailed)
);
}
function onQuerySucceeded() {
alert('Item updated!');
}

function onQueryFailed(sender, args) {
alert('Request failed. ' + args.get_message() +
'\n' + args.get_stackTrace());
}
</script>

// End code, Update a List item Using Javascript Object Model (JSOM)
========================================================================

// Delete a List item Using Javascript Object Model (JSOM) in SharePoint 2010/2013
Enter the Item ID: <input type="text" name="txtID" id="txtID"></input>
<button id="btnDeleteItem" onclick="deleteItem()">Delete Item</button><br/>
<script type="text/javascript">
// delete list item
function deleteItem()
{
var clientContext = new SP.ClientContext.get_current();
var oList = clientContext.get_web().get_lists().getByTitle('employee');
// clientContext.load(oList);
var itemId = document.getElementById("txtID").value;
alert(itemId);
this.lstObjectItem = oList.getItemById(itemId);
lstObjectItem.deleteObject();
oList.update();
clientContext.executeQueryAsync(deleteItemSuccess, deleteItemFailed);
}
function deleteItemSuccess() {
var listItemInfo = 'Item deleted: ';
alert(listItemInfo);
}
function deleteItemFailed(sender, args) {
alert('Request failed. ' + args.get_message() + '\n' + args.get_stackTrace());
}
</script>

// End code, delete a List item Using Javascript Object Model (JSOM)

Sunday, November 15, 2015

Get all users permission across Web Application through Power shell script

<#
******-----------------------------------------------------------------------******
Author -> Shiv Mangal Singh
Date -> 12th Nov - 2015
Description -> This will get all site collections & no.of sub sites across Web Application.
Path of csv file->$path = "D:\Test\Shiv\ps\TeamSites_Users_Permision_Report_smstest1.csv"
Web Application Name --> "https://sharepoint.contact.contoso.net"

#Call the function to Check all Users Access
GetUserAccessReport "https://sharepoint.contact.contoso.net" "D:\Test\Shiv\ps\TeamSites_Users_Permision_Report_smstest1.csv"
******-----------------------------------------------------------------------******
#>

Add-PSSnapin Microsoft.SharePoint.Powershell -EV Err -EA "SilentlyContinue"

Function GetUserAccessReport($WebAppURL, $FileUrl)
{
#Get All Site Collections of the WebApp
$SiteCollections = Get-SPSite -WebApplication $WebAppURL -Limit All

#Write CSV- TAB Separated File) Header
"URL `t Title `t PermissionType/Groups Name `t Permissions `t LoginName `t Email" | out-file $FileUrl

#Loop through all site collections
foreach($Site in $SiteCollections)
{
# Skip the Orpahn site using below condition
if($Site.url -ne "https://sharepoint.contact.contoso.net/sites/hrsite")
{
write-host $site.url
#Check Whether the Search User is a Site Collection Administrator
foreach($SiteCollAdmin in $Site.RootWeb.SiteAdministrators)
{
"$($Site.RootWeb.Url) `t $($Site.RootWeb.Title)`t Site Collection Administrator `t Site Collection Administrator `t $($SiteCollAdmin.LoginName)`t $($SiteCollAdmin.Email)" | Out-File $FileUrl -Append
}

#Loop throuh all Sub Sites
foreach($Web in $Site.AllWebs)
{
if($Web.HasUniqueRoleAssignments -eq $True)
{
#Get all the users granted permissions to the list
foreach($WebRoleAssignment in $Web.RoleAssignments )
{
#Is it a User Account?
if($WebRoleAssignment.Member.userlogin)
{
#Get the Permissions assigned to user
$WebUserPermissions=@()
foreach ($RoleDefinition in $WebRoleAssignment.RoleDefinitionBindings)
{
$WebUserPermissions += $RoleDefinition.Name +";"
}
#write-host "with these permissions: " $WebUserPermissions
#Send the Data to Log file
if($WebRoleAssignment.Member.Email.Length -gt 0)
{
"$($Web.Url) `t $($Web.Title)`t Direct Permission `t $($WebUserPermissions) `t $($WebRoleAssignment.Member.LoginName)`t $($WebRoleAssignment.Member.Email)" | Out-File $FileUrl -Append
}
else
{
"$($Web.Url) `t $($Web.Title)`t Direct Permission `t $($WebUserPermissions) `t $($WebRoleAssignment.Member.LoginName)" | Out-File $FileUrl -Append
}
}
#Its a SharePoint Group, So search inside the group and check if the user is member of that group
else
{
foreach($user in $WebRoleAssignment.Member.users)
{
#Get the Group's Permissions on site
$WebGroupPermissions=@()
foreach ($RoleDefinition in $WebRoleAssignment.RoleDefinitionBindings)
{
$WebGroupPermissions += $RoleDefinition.Name +";"
}
#write-host "Group has these permissions: " $WebGroupPermissions

#Send the Data to Log file
if($user.Email.Length -gt 0)
{
"$($Web.Url) `t $($Web.Title)`t $($WebRoleAssignment.Member.Name) `t $($WebGroupPermissions) `t $($user.LoginName)`t $($user.Email)" | Out-File $FileUrl -Append
}
else
{
"$($Web.Url) `t $($Web.Title)`t $($WebRoleAssignment.Member.Name) `t $($WebGroupPermissions) `t $($user.LoginName)" | Out-File $FileUrl -Append
}
}
}
}
}
}

}

}
}

#Call the function to Check all Users Access
GetUserAccessReport "https://sharepoint.contact.contoso.net" "D:\Test\Shiv\ps\TeamSites_Users_Permision_Report_smstest1.csv"