SharePoint Online：使用 PowerShell 向用户授予对列表中所有项目的权限

要求：向用户授予对 SharePoint Online 列表中所有项目的权限。

PowerShell 向用户授予对 SharePoint Online 列表中所有项目的权限

如果您的列表或文档库对项目应用了唯一权限，则逐一授予对每个项目/文件/文件夹的访问权限将是一项繁琐的任务，并且可能需要花费大量时间。如果您正在寻找一种快速向 SharePoint Online 列表中的所有项目授予权限的方法，以下是如何使用 PowerShell 向所有项目授予权限：

#Load SharePoint Online Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
 
##Variables for Processing
$SiteUrl = "https://crescent.sharepoint.com/sites/marketing"
$ListName= "Migration Documents"
$UserAccount = "i:0#.f|membership|[email protected]"
$PermissionLevel = "Edit"

#Get Credentials to connect
$Cred= Get-Credential
   
#Set up the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteUrl) 
$Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)
     
#Get the List
$List = $Ctx.web.Lists.GetByTitle($ListName)
 
#Get the User
$User = $Ctx.Web.EnsureUser($UserAccount) 
$Ctx.Load($User)
$Ctx.ExecuteQuery()
  
$Query = New-Object Microsoft.SharePoint.Client.CamlQuery
$Query.ViewXml = "<View Scope='RecursiveAll'><RowLimit>2000</RowLimit></View>"
  
#Batch process list items - to mitigate list threshold issue on larger lists
Do {  
    #Get items from the list in batches
    $ListItems = $List.GetItems($Query)
    $Ctx.Load($ListItems)
    $Ctx.ExecuteQuery()
            
    $Query.ListItemCollectionPosition = $ListItems.ListItemCollectionPosition
   
    #Loop through each List item
    ForEach($ListItem in $ListItems)
    {
        #Check if List Item has unique permissions
        $ListItem.Retrieve("HasUniqueRoleAssignments")
        $Ctx.ExecuteQuery()
 
        #Break Item's permission Inheritance, if its inheriting permissions from the parent
        if (-not $ListItem.HasUniqueRoleAssignments)
        {
            $ListItem.BreakRoleInheritance($true, $false) #keep the existing permissions: Yes -  Clear listitems permissions: No
            $ctx.ExecuteQuery()
        }

        #Get the role 
        $Role = $Ctx.web.RoleDefinitions.GetByName($PermissionLevel)
        $RoleDB = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($Ctx)
        $RoleDB.Add($Role)
          
        #Assign permissions
        $UserPermissions = $ListItem.RoleAssignments.Add($User,$RoleDB)
        $ListItem.Update()
        $Ctx.ExecuteQuery()
 
        Write-host -ForegroundColor Green ("User Added to List Item Permissions ID {0} at {1}" -f $ListItem.ID,$ListItem["FileRef"])
    }    
} While ($Query.ListItemCollectionPosition -ne $null)

同样，您可以将 SharePoint 组添加到所有项目，如下所示：

#Load SharePoint Online Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
 
##Variables for Processing
$SiteUrl = "https://crescent.sharepoint.com/sites/marketing"
$ListName= "Migration Documents"
$GroupName = "Marketing Team Site Owners"
$PermissionLevel = "Full Control"
 
#Get Credentials to connect
$Cred= Get-Credential
   
#Set up the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteUrl) 
$Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)
     
#Get the List
$List = $Ctx.web.Lists.GetByTitle($ListName)

#Get the Group
$Group=$ctx.Web.SiteGroups.GetByName($GroupName)
$ctx.Load($Group)
$ctx.ExecuteQuery()

$Query = New-Object Microsoft.SharePoint.Client.CamlQuery
$Query.ViewXml = "<View Scope='RecursiveAll'><RowLimit>2000</RowLimit></View>"
  
#Batch process list items - to mitigate list threshold issue on larger lists
Do {  
    #Get items from the list in batches
    $ListItems = $List.GetItems($Query)
    $Ctx.Load($ListItems)
    $Ctx.ExecuteQuery()
            
    $Query.ListItemCollectionPosition = $ListItems.ListItemCollectionPosition
   
    #Loop through each List item
    ForEach($ListItem in $ListItems)
    {
        #Check if List Item has unique permissions
        $ListItem.Retrieve("HasUniqueRoleAssignments")
        $Ctx.ExecuteQuery()
 
        #Break Item's permission Inheritance, if its inheriting permissions from the parent
        if (-not $ListItem.HasUniqueRoleAssignments)
        {
            $ListItem.BreakRoleInheritance($true, $false) #keep the existing permissions: Yes -  Clear listitems permissions: No
            $ctx.ExecuteQuery()
        }

        #Get the role - Permission Level
        $Role = $Ctx.web.RoleDefinitions.GetByName($PermissionLevel)
        $RoleDB = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($Ctx)
        $RoleDB.Add($Role)
          
        #Assign permissions
        $GroupPermissions = $ListItem.RoleAssignments.Add($Group,$RoleDB)
        $ListItem.Update()
        $Ctx.ExecuteQuery()
 
        Write-host -ForegroundColor Green ("Group Added to List Item Permissions ID {0} at {1}" -f $ListItem.ID,$ListItem["FileRef"])
    }    
} While ($Query.ListItemCollectionPosition -ne $null)

PnP PowerShell 将用户添加到 SharePoint Online 列表中的所有项目

这个方便的 PnP PowerShell 可让您快速授予对列表中所有内容的访问权限，而无需手动检查并为每个项目添加权限：

#Config Variables
$SiteURL = "https://Crescent.sharepoint.com/sites/Marketing"
$ListName ="Projects"
$UserID="[email protected]"

#Connect to PnP Online
Connect-PnPOnline -Url $SiteURL -Credentials (Get-Credential)

#Get all list items
$ListItems = Get-PnPListItem -List $ListName -PageSize 2000
ForEach($ListItem in $ListItems)
{
    #Grant permission on List Item to User
    Set-PnPListItemPermission -Identity $ListItem.ID -List $ListName -AddRole "Edit" -User $UserID
}

这些脚本也适用于文档库中的所有文件！要授予对 SharePoint Online 文档库中所有文件夹的访问权限，请使用：使用 PowerShell 向 SharePoint Online 文档库中的每个文件夹授予权限？