Archive for August, 2012

Modify Permission Levels (using bitwise operators)


The easiest way to create a new permission level in SharePoint is to copy and modify an existing permission level. For example, you can copy the ‘Contributor’ permission level and remove the ability to delete items by unchecking the corresponding option. SharePoint 2010 even provides a ready-to-use out-of-the-box button to copy existing permission levels.

However, modifying permission levels programmatically is a little bit less obvious as the SPBasePermission enumeration is implemented as a bit flag.


Retrieving all (nested) members of a Group


You can assign permissions to users, SharePoint groups and Active Directory groups in SharePoint. While SharePoint groups cannot contain other SharePoint groups, it is possible to nest Active Directory Groups. The SharePoint method SPGroup.Users only returns users that are added directly to the SharePoint Group. I have written a small function that is able to retrieve all users of a SPPrincipal object, included nested users.