Create Groups and Roles in SharePoint 2010

Author by Mark Rentmeester

This SharePoint 2010 tip will explain how to create groups and roles, programmatically, using the SharePoint object model:
  1. Create a SharePoint group (SPGroup)
  2. How to add an SPGroup to the group collection (SPGroupCollection)
  3. How to define role definition (SPRoleDefinition)
  4. How to assign that new SPRoleDefiniton to our group using an SPRoleAssignment

Adding the Group

Before we begin, it's important to understand that a group is added to an SPWeb object. And then, in order to add permissions to this group, the group needs a role definition assigned to the group, rather than individual users. Each group requires and a member, and an owner, and both need to exist in the SPUserCollection of the current SPWeb. Let's begin... Let's first get a handle on our current SharePoint users, the new group's soon-to-be owner and member, as well as the current Webs existing Groups:
using (SPSite site = new SPSite("http://yourdevbox:1337")) { using (SPWeb web = site.OpenWeb()) { SPUserCollection users = Web.AllUsers; SPUser owner = users[string.Format("{0}{1}", "Domain", "Owner Username")]; SPMember member = users[string.Format("{0}{1}", "Domain", "Member Username")]; SPGroupCollection groups = Web.SiteGroups; } }
So here we access our SPWeb.AllUsers object, which gives us all the current users as an SPUserCollection object. Next, we can get a handle on our owner and member (this is the part where I said the users to need exist, because we're grabbing them from this collection). We then access our SPWeb.SiteGroups object which gives all the current groups as an SPGroupCollection Now lets actually add our new group. After that last line, but within the SPWeb using statement, add the following lines:
string GroupName = "Super Exclusive"; string GroupDescription = "Super exclusive group description."; groups.Add(GroupName, owner, member, GroupDescription); SPGroup NewSPGroup = groups[GroupName];
And that's exactly how easy is it to add a group! Except now we need to determine what role the members of the group have.

Adding the Role

Here's a list of role definition types we can choose from:
  • Contribute
  • Design
  • Full Control
  • Read
Let's begin. Again, after your last line, but within the SPWeb using statement, add the following lines:
// here's where you define your role type: SPRoleDefinition role = Web.RoleDefinitions["Full Control"]; SPRoleAssignment roleAssignment = new SPRoleAssignment(NewSPGroup); roleAssignment.RoleDefinitionBindings.Add(role); Web.RoleAssignments.Add(roleAssignment); Web.Update();
Here we define an SPRoleDefinition object and tell it that the roll has full control. This is where you can change it up to say Contribute, Design, or Read as well. We then create a role assign object by passing in our previously created group. The role assignment then gets told to use our preferred role definition. And then finallay, we tell our SPWeb to add the new role assignment.

Overview

And there you have it! A new group that has full control. Here's an overview of the code, in it's entirety:
using (SPSite site = new SPSite("http://yourdevbox:1337")) { using (SPWeb web = site.OpenWeb()) { SPUserCollection users = Web.AllUsers; SPUser owner = users[string.Format("{0}{1}", "Domain", "Owner Username")]; SPMember member = users[string.Format("{0}{1}", "Domain", "Default Member Username")]; SPGroupCollection groups = Web.SiteGroups; string GroupName = "Super Exclusive"; string GroupDescription = "Super exclusive group description."; groups.Add(GroupName, owner, member, GroupDescription); SPGroup NewSPGroup = groups[GroupName]; SPRoleDefinition role = Web.RoleDefinitions["Full Control"]; SPRoleAssignment roleAssignment = new SPRoleAssignment(NewSPGroup); roleAssignment.RoleDefinitionBindings.Add(role); Web.RoleAssignments.Add(roleAssignment); Web.Update(); } }
This article was originally written by Jordan Laik. It is moderated currently by Mark Rentmeester.
Author

Mark Rentmeester

Director of Application Development Services