Listing permissions for Sharepoint 2010 – including information about inheritable permissions lists/libraries and files

I am about to describe my struggling with SCCM 2007 to 2012 upgrade, but just before that I would like to share with you guys a script I was dreaming to have time to write to.

I am talking about script that is listing permissions for sharepoint and all libraries and files that don’t inherit permissions.

It was slightly a horrible nightmare for me to list permissions for the web application – there was a time, where users had power to grant permissions for folders and files. After a couple of years there was an idea from the managment – let’s take back those permissions and put everythign in User Rights Management system…

First thought:

fear

Second – pretty much the same:

lost

Finally I had some time and written a script that lets me to specify precisely on what file in what library who the hell has permissions 😀

Here it is:


$url = "http://<WEB_APPLICATION_NAME>"
$site = Get-SPWeb ($url)
$pliki = @()</span>

foreach ($web in $site.Site.AllWebs)
{

# if ($web.Url.StartsWith($url)) { # Uncomment for listing whe whole web application

if ($web.Url -match "http://<WEB_APPLICATION_NAME>/<SOME_FOLDER>") { #Uncomment to list just one particular site

#-----------

$host.ui.RawUI.ForegroundColor = “Green”;
Write-Host ("PErmissions for website " + $web.Name + " ,Url: " + $web.Url)
$lists = $web.Lists
Write-Host "Website contains the content libraries:"
$host.ui.RawUI.ForegroundColor = “white”;
foreach ($list in $lists) {

#-----------
# (START) Getting the files with non heritable permissions
#-----------
foreach ($ll in $list.items){
if ($ll.HasUniqueRoleAssignments -match "True"){
$e = $ll.url
foreach ($upr_f in $ll.RoleAssignments){
$f = $upr_f.member.name
$g = $upr_f.RoleDefinitionBindings | foreach {$_.name}
$paczka = "$e,$f,$g"
$pliki += $paczka
}
}
}
#-----------
# (END) Getting the files with non heritable permissions
#-----------

#-----------
# (START) Getting the list/libraries with inheritable permissions
#-----------

$l = $list.folders
foreach ($upr in $l){

#-----------
#   if ($upr.name -match "Systemy - admini"){ #Uncoment if you would like to list particular list/library, do not forget
#   to uncommenct the bracket below
#-----------
$a= $upr.Url
$b = $upr.HasUniqueRoleAssignments

if ($b -eq "True"){
$host.ui.RawUI.ForegroundColor = “green”;
Write-Host "The list/library with unique permissions:"
$host.ui.RawUI.ForegroundColor = “yellow”;
}

foreach ($u in $upr.RoleAssignments){
$c = $u.member.name
$d = $u.RoleDefinitionBindings | foreach {$_.name}
Write-Host "$a, $c, $d"
}

if ($pliki) {
$host.ui.RawUI.ForegroundColor = “Green”;
Write-Host "Files with unique permissions"
$host.ui.RawUI.ForegroundColor = “yellow”;
$pliki}

$pliki = @()
$host.ui.RawUI.ForegroundColor = “Green”;
Write-host "#-------------"
$host.ui.RawUI.ForegroundColor = “white”;
#----------
#   } Bracket for "IF" specifying list/library
#----------
}

#-----------
# (END) Getting the list/libraries with inheritable permissions
#-----------

}
}
}