Grant SharePoint group and security group permissions on folder inside my PnP PowerShell

john john 931 Reputation points
2022-08-30T06:26:01.483+00:00

I have this script :-

$SiteURL="https://***.sharepoint.com/"  
$FolderSiteRelativeURL = "/Shared Documents"  
$PermissionToAdd="Contribute"  
$PermissionToRead="Read"  
#Connect to the Site collection  
Connect-PnPOnline -URL $SiteURL -UseWebLogin  

#Get the Folder from site relative URL  
#$FolderOld = Get-PnPFolder -Url $FolderSiteRelativeURL -Includes ListItemAllFields.HasUniqueRoleAssignments, ListItemAllFields.ParentList, ListItemAllFields.ID  
$Folders=Get-PnPFolderItem -FolderSiteRelativeUrl $FolderSiteRelativeURL -ItemType Folder | Where {$_.Name -ne "Forms"}  


ForEach($SubFolder in $Folders)  
    {  
    $n= $FolderSiteRelativeURL+"/"+$SubFolder.Name  
    Write-host $n  
$sub=Get-PnPFolder -Url $n -Includes ListItemAllFields.HasUniqueRoleAssignments, ListItemAllFields.ParentList, ListItemAllFields.ID, ListItemAllFields.RoleAssignments  


If($sub.ListItemAllFields.HasUniqueRoleAssignments)  
{  
    Write-host "Folder is already with broken permissions!" -f Yellow  
}  
Else  
{  
Write-host "Else is running" -f Yellow  
    #Break Folder permissions - keep all existing permissions & keep Item level permissions  
    $sub.ListItemAllFields.BreakRoleInheritance($False,$False)  
     Invoke-PnPQuery  


    ForEach($RoleAssignment in $sub.ListItemAllFields.RoleAssignments)  
        {  
           ///code goes here  
        }  

    Write-host "Folder's Permission Inheritance is broken!!" -f Green     
}  
    }  

Which gets all the document library's root folders >> then define unique permissions on them and do not copy the permissions.

now i need to grant the following permissions to the folders which got unique permissions:-

1) SharePoint group named "Management" with id =9 >> Contribute.

2) Mail enabled security group named "info@ourcompnay.com" >> Read

3) Office 365 group named "managment@ourcompany.com" >> Contribute

so can anyone advice on how i need to modify my code inside the ///code goes here to assign 3 permissions to each folder?

Thanks

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,604 questions
{count} votes

1 answer

Sort by: Most helpful
  1. RaytheonXie_MSFT 30,996 Reputation points Microsoft Vendor
    2022-08-31T01:59:49.003+00:00

    Hi @john john
    You can add following script

    #Grant folder permissions to SharePoint Group  
    Set-PnPfolderPermission -List $ListName -identity $n -AddRole "Contribute" -Group "Management"  
    Set-PnPfolderPermission -List $ListName -identity $n -AddRole "Contribute" -Group "managment@ourcompany.com"  
    #PowerShell to add user to sharepoint online folder  
    Set-PnPfolderPermission -List $ListName -identity $n -User "info@ourcompnay.com" -AddRole "Edit"  
    

    under the code

         Write-host "Folder's Permission Inheritance is broken!!" -f Green     
     }  
    

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.