Share via


SPRoleDefinition Class

Defines a single role definition, including a name, description, management properties, and a set of rights.

Inheritance Hierarchy

System.Object
  Microsoft.SharePoint.SPRoleDefinition

Namespace:  Microsoft.SharePoint
Assembly:  Microsoft.SharePoint (in Microsoft.SharePoint.dll)

Syntax

<SharePointPermissionAttribute(SecurityAction.LinkDemand, ObjectModel := True)> _
<SharePointPermissionAttribute(SecurityAction.InheritanceDemand, ObjectModel := True)> _
Public NotInheritable Class SPRoleDefinition

Dim instance As SPRoleDefinition
[SharePointPermissionAttribute(SecurityAction.LinkDemand, ObjectModel = true)]
[SharePointPermissionAttribute(SecurityAction.InheritanceDemand, ObjectModel = true)]
public sealed class SPRoleDefinition

Remarks

Use the RoleDefinitions property of the SPWeb class to get the collection of role definitions for a Web site. Use an indexer to return a single item from the collection. For example, if the collection is assigned to a variable named collRoleDefinitions, use collRoleDefinitions[index] in C#, or collRoleDefinitions(index) in Visual Basic, where index is either the index number of the item in the collection or a string that contains the name of the role definition.

There is not a method to retrieve user role assignments on a Windows SharePoint Services list object. However, the code below allows you to retrieve this list.

private void AddListRoleAssignmentNodes(SPList objList)
{ 
   try
   {
      if (objList.HasUniqueRoleAssignments)
      {
         SPRoleAssignmentCollection oRoleAssignments =
            objList.RoleAssignments;

         foreach (SPRoleAssignment oRoleAssignment in oRoleAssignments)
         {
            SPPrincipal oPrincipal = oRoleAssignment.Member;
            try
            {
               // Retrieve users having explicit permissions on the list
               SPUser oRoleUser = (SPUser)oPrincipal;
            }
            catch (Exception ex)
            {
               string msg = ex.Message;
            }
            try
            {
               // Retrieve user groups having permissions on the list
               SPGroup oRoleGroup = (SPGroup)oPrincipal;

               if (oRoleGroup.Users.Count > 0)
               { 
                  string strGroupName = oRoleGroup.Name;
                  // Add code here to retrieve Users inside this User-Group
               }
            }
            catch (Exception ex)
            {
               string msg = ex.Message;
            }
         }
      }
   }
   catch (Exception ex)
   {
      string msg = ex.Message;
   }
}

Examples

The following code example modifies the base permissions of a specified role definition.

using(SPWeb oWebsite = SPContext.Current.Site.AllWebs["Site_Name/Subsite_Name"])
{
    SPRoleDefinitionCollection collRoles = oWebsite.RoleDefinitions;

    SPRoleDefinition oRoleDefinition = collRoles["Definition_Name"];
    oRoleDefinition.BasePermissions = SPBasePermissions.AddListItems |
        SPBasePermissions.BrowseDirectories |
        SPBasePermissions.EditListItems |
        SPBasePermissions.DeleteListItems |
        SPBasePermissions.AddDelPrivateWebParts;
    oRoleDefinition.Update();
}

Note

Certain objects implement the IDisposable interface, and you must avoid retaining these objects in memory after they are no longer needed. For information about good coding practices, see Best Practices: Using Disposable Windows SharePoint Services Objects.

Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

See Also

Reference

SPRoleDefinition Members

Microsoft.SharePoint Namespace