Share via

Sharepoint 2007: Application Page to Check Effective Permissions of User in Entire Site Collection

  • Article

Recently two tools were published to check effective permissions of a user in an entire site collection. Here's a console application and PowerShell script for this here:

http://social.technet.microsoft.com/wiki/contents/articles/how-to-check-effective-permissions-of-a-user-in-each-site-in-a-site-collection-in-sharepoint-2007-and-sharepoint-2010-using-powershell.aspx

http://social.technet.microsoft.com/wiki/contents/articles/how-to-check-effective-permissions-of-a-user-in-each-site-in-a-site-collection-in-sharepoint-2007-and-sharepoint-2010.aspx

However, these options were available for only server administrators. To provide these options to other users we created an application page and a feature to shown the link under site collection administration. To deploy the same we have created a wsp file and a batch file to deploy the same.

Here are the codes.

For application page:

<%@ Page Language="C#" MasterPageFile="application.master" Inherits="Microsoft.SharePoint.WebControls.LayoutsPageBase" %>
<%@ Assembly Name="Microsoft.Office.Server.SecurityReport, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"%>
<%@ Assembly Name="System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"%>
<%@ Assembly Name="Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"%>
<%@ Assembly Name="Microsoft.SharePoint.ApplicationPages, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"%>
<%@ Register Assembly="Microsoft.SharePoint, Version=12.0.0.0, Culture=neutral,PublicKeyToken=71e9bce111e9429c" Namespace="Microsoft.SharePoint.WebControls" TagPrefix="cc1" %>
<%@ Register Tagprefix="SharePoint" Namespace="Microsoft.SharePoint.WebControls" Assembly="Microsoft.SharePoint, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<%@ Import Namespace="Microsoft.SharePoint" %>
<%@ Import Namespace="Microsoft.Office.Server.UserProfiles" %>
<%@ Import Namespace="Microsoft.Office.Server" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Collections.ObjectModel" %>
<script runat="server"  >
void Page_Load(object sender, EventArgs e)
{
 
}
void Change_Title(object sender, EventArgs e)
{
SPWeb web1 = this.Web;
if(UserPicker.ResolvedEntities.Count > 0)
{
PickerEntity selectedEntity = (PickerEntity)UserPicker.ResolvedEntities[0];
ServerContext serverContext = ServerContext.GetContext(web1.Site);
UserProfileManager userProfileManager = new UserProfileManager(serverContext);
UserProfile userProfile = userProfileManager.GetUserProfile(selectedEntity.Key);
String userLogin = userProfile[PropertyConstants.AccountName].Value.ToString();
SPWebCollection webs = web1.Site.AllWebs;
DataTable userTable = new DataTable();
userTable.Columns.Add("WebUrl");
userTable.Columns.Add("Permission");
userTable.Columns.Add("GivenVia");
 foreach (SPWeb web in webs)
 {
 SPPermissionInfo permissionInfo = web.GetUserEffectivePermissionInfo(userLogin);
 Collection<SPRoleAssignment> roles = permissionInfo.RoleAssignments;
  
 SPUser user = web.AllUsers[userLogin];
 if (user.IsSiteAdmin)
 {
 label1.Text = "The user "+userLogin+" is a site collection administrator";
 }
  
 for (int i = 0; i < roles.Count; i++)
 {
 SPRoleDefinitionBindingCollection bRoles = roles[i].RoleDefinitionBindings;
 foreach (SPRoleDefinition roleDefinition in bRoles)
 {
 if (roles[i].Member.ToString().Contains("\\"))
 {
 userTable.Rows.Add(web.Url,roleDefinition.Name,"Directly Given");
  
 }
 else
 {
  
 userTable.Rows.Add(web.Url,roleDefinition.Name,roles[i].Member.ToString());
 
 }
 }
 }
  
 }
 SPBoundField fldPropertyName = new SPBoundField();
fldPropertyName.HeaderText = "Web Url";
fldPropertyName.DataField = "WebUrl";
rahulGrid.Columns.Add(fldPropertyName);
SPBoundField fldPropertyName1 = new SPBoundField();
fldPropertyName1.HeaderText = "Permission";
fldPropertyName1.DataField = "Permission";
rahulGrid.Columns.Add(fldPropertyName1);
SPBoundField fldPropertyName2 = new SPBoundField();
fldPropertyName2.HeaderText = "GivenVia";
fldPropertyName2.DataField = "GivenVia";
rahulGrid.Columns.Add(fldPropertyName2);
rahulGrid.DataSource = userTable;
rahulGrid.DataBind();
 
rahulGrid.Dispose();
}
}
 
</script>
<asp:Content contentplaceholderid="PlaceHolderPageTitle" runat="server">
<SharePoint:EncodedLiteral runat="server"  text="Check Permissions in Entire Site Collection" EncodeMethod='HtmlEncode'/>
</asp:Content>
<asp:Content contentplaceholderid="PlaceHolderPageTitleInTitleArea" runat="server">
 <SharePoint:EncodedLiteral runat="server"  text="Check Permissions in Entire Site Collection" EncodeMethod='HtmlEncode'/>
</asp:Content>
<asp:Content ContentPlaceHolderID="PlaceHolderMain" runat="server">
<SharePoint:PeopleEditor id="UserPicker"   runat="server"
SelectionSet="User,DL,SecGroup,SPGroup"
 ValidatorEnabled="false"
 AllowEmpty = "false"
 MultiSelect = "false"
 /><asp:Button runat="server"  Text="Submit" OnClick="Change_Title" id="Button1"></asp:Button>
<br>
<asp:Label ID="label1"  runat="server" ></asp:Label>
<br>
<SharePoint:SPGridView
 runat="server"
 ID="rahulGrid" 
 AutoGenerateColumns="false"
 RowStyle-BackColor="#DDDDDD"
 AlternatingRowStyle-BackColor="#EEEEEE" />
  
 
</asp:Content>

We have created a feature to provide the link under site collection administration to link to this page.

Here is the feature.xml file:

<?xml version="1.0"  encoding="utf-8" ?>
<Feature xmlns="http://schemas.microsoft.com/sharepoint/"
Id="00BFEA71-6A49-43FA-B535-D17605500108"
Scope="Site"
Title="Rahul Entire Site Collection Permission"
Description="A feature that will check the permnission of a user in all sites in the site collecction"
Hidden="FALSE"
>
<ElementManifests>
<ElementManifest Location="Elements.xml" />
</ElementManifests>
</Feature>

The corresponding element file is as below:

<?xml version="1.0"  encoding="utf-8" ?>
<Elements xmlns="http://schemas.microsoft.com/sharepoint/">
<CustomAction
Id="175B290F-239E-4955-97CB-94227E5DAA17"
GroupId="SiteCollectionAdmin"
Location="Microsoft.SharePoint.SiteSettings"
Sequence="1000"
Title="Check Effective Site Collection Permissions"
>
<UrlAction Url="/_layouts/RahulCheckEffectiveSitePermission.aspx"/>
</CustomAction>
</Elements>

Now to deploy the same we created a batch file the code is as shown below:

@ECHO Off
 
 
 
"C:\Program Files\Common Files\microsoft shared\Web Server Extensions\12\BIN\STSADM.exe" -o addSolution -filename RahulCheckEntireSitePermission.wsp
 
pause
 
"C:\Program Files\Common Files\microsoft shared\Web Server Extensions\12\BIN\STSADM.exe"% -o deploySolution -name RahulCheckEntireSitePermission.wsp -immediate -allowgacdeployment
 
pause
 
"C:\Program Files\Common Files\microsoft shared\Web Server Extensions\12\BIN\STSADM.exe" -o installfeature -name RahulSitePermListing -force
 
pause
 
"C:\Program Files\Common Files\microsoft shared\Web Server Extensions\12\BIN\STSADM.exe" -o activatefeature -name RahulSitePermListing -url "YourSiteUrl" -force

Now you are ready to go with it. Download the wsp and batch files here: http://gallery.technet.microsoft.com/Check-Permissions-in-4a8f2b91 

Open the batch file and change "YourSiteUrl" to the URL of your site where you want to activate it.