我们直接拿一个应用举例:

为“部门共享文档库”里面的“工会”文件夹添加“domain\lixs”的“只读”权限。

image

image

image


代码内容:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
############################################
#Author:Lixiaosong
#Email:lixs@ourgame.com;lixiaosong8706@gmail.com
#For:设置SharePoint库文件夹安全组权限
#Version:1.0 2015年3月26日
##############################################
function  Add-SPPermissionToSeGroup  {
   Param (
       [ Parameter ( Mandatory = $True , Position =1)]
       [string] $SPWeb ,
   
       [ Parameter ( Mandatory = $True , Position =2)]
       [string] $SPList ,
 
       [ Parameter ( Mandatory = $True , Position =3)]
       [string] $ADUser ,
    
      [ Parameter ( Mandatory = $True , Position =4)]
      [string] $SPFolder ,
 
      [ Parameter ( Mandatory = $True , Position =5)]
      [string] $SPPermission
)
 
Add-PSSnapin  Microsoft.SharePoint.PowerShell
#http://glproject/PMO/doc
$web  get-spweb  "$SPWeb"
 
 
  function  GrantUserpermission( $userName )
  {
   [Microsoft.SharePoint.SPUserCollection] $spusers = [Microsoft.SharePoint.SPUserCollection] $web .SiteUsers
   [Microsoft.SharePoint.SPUser] $spuser = $spusers [ $userName ]
   $sproleass = new-object  Microsoft.SharePoint.SPRoleAssignment( [Microsoft.SharePoint.SPPrincipal] $spuser )
   $folder .BreakRoleInheritance( "true" )
   $sproleass .RoleDefinitionBindings.Add( $web .RoleDefinitions[ "$SPPermission" ])
   $folder .RoleAssignments.Add( $sproleass );
   Write-Host  "Permission provided for user " $userName
  }
  $doclib = [Microsoft.SharePoint.SPDocumentLibrary] $web .Lists[ "$SPlist" ]
  $foldercoll = $doclib .Folders;
  foreach ( $folder  in  $foldercoll )
  {
   Write-Host  $folder .Name
   if ( $folder .Name.Equals( "$SPFolder" ))
   {
    GrantUserPermission( "Domain\$ADuser" )
   }
  
  }
  Write-Host  "Completed...."
  $web .Close()
}