Using CSOM API - SiteCollection User Roles update fails

Madhu J N 1 Reputation point
2022-09-25T14:59:17.817+00:00

Hi ,

I'm looking for CSOM API or sample code snippet for updating User Roles for a Site Collection

Tenant Admin URL: https://<tenant>-admin.sharepoint.com
SP URL : https://<tenant>.sharepoint.com/Sites/SiteCollection1

Technologies using: C#, CSOM API for ShrarePoint Communication

From Sharepoint UI:
I can update user role Definition from UI

Things I tried using CSOM API:

  1. Logged into above mentioned SP tenant admin URL using admin account (URL: https://<tenant>-admin.sharepoint.com)
  2. Using Site Collection URL (https://<tenant>.sharepoint.com/sites/SiteCollection1), tried changing/Updating User Roles Definitions
  3. Same code works fine that is can Successfully update User Role Definitions for SubSite (URL: https://<tenant>.sharepoint.com/Sites/SiteCollection1/SubSite-A1)

Error/Exception :
Cannot change permissions of root web: https://<tenant>.sharepoint.com/Sites/SiteCollection1

Code Snippet for Quick Reference
SP.RoleDefinitionBindingCollection collRoleDefinitionBinding = new SP.RoleDefinitionBindingCollection(this);
SP.RoleDefinition roletypes = this.Web.RoleDefinitions.GetByType("Editor");
collRoleDefinitionBinding.Add(roletypes);
spOClientContext.Web.RoleAssignments.Add(checkuser, collRoleDefinitionBinding);
spOClientContext.ExecuteQuery();

Thanks,

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,597 questions
SharePoint Development
SharePoint Development
SharePoint: A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.Development: The process of researching, productizing, and refining new or existing technologies.
2,662 questions
SharePoint Server Development
SharePoint Server Development
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Development: The process of researching, productizing, and refining new or existing technologies.
1,571 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. RaytheonXie_MSFT 30,991 Reputation points Microsoft Vendor
    2022-09-26T05:34:58.51+00:00

    Hi anonymous userJN
    Per my test, please use following code to assign role to sharepoint online user by csom 

    Web web = context.Web;     
Principal user = context.Web.SiteUsers.GetByLoginName(@"X");     
RoleDefinition readDef = context.Web.RoleDefinitions.GetByName("Editor");     
RoleDefinitionBindingCollection roleDefCollection = new RoleDefinitionBindingCollection(context);     
roleDefCollection.Add(readDef);     
RoleAssignment newRoleAssignment = context.Web.RoleAssignments.Add(user, roleDefCollection);     
context.ExecuteQuery();

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. Madhu J N 1 Reputation point
    2022-09-26T07:52:30.767+00:00

    Thanks RaytheonXie-MSFT for your response.

    I have implemented by same as above mentioned code snippet.

    Code snippet works for Sub Sites - https://<tenant>.sharepoint.com/sites/SiteCollection1/subsite1

    Fails for SiteCollection -https://<tenant>.sharepoint.com/sites/SiteCollection1

    Failure Error Message: Cannot change permissions of root web: https://<tenant>.sharepoint.com/Sites/SiteCollection1

    Did you tried for with Site Collection input argument.

    Thanks,
    Madhu

  3. Madhu J N 1 Reputation point
    2022-09-26T16:46:50.67+00:00

    Hi @RaytheonXie_MSFT ,
    Yes i broke Inheritance using Web.BreakRoleInheritance(true, true)

    Note:
    For sub-sites this works fine, able t update Roles.
    Fails for Site Collections

    Thanks,
    Madhu