
I need to create a site with broken permission inheritance. Then I need to create a Members group with contribute access and add people to it.

The following code creates the group at the site collection level and adds the people to it, but my subsite groups are empty: http://screencast.com/t/T6tFVTu9XHm

What am I missing here?

 /// <summary>
 /// For a confidential project, breaks role inheritance on <paramref name="newWeb"/>, creates a
 /// "&lt;title&gt; Members" site group, binds the "Contribute" role definition to it and adds the
 /// users from the item's project-team field to that group. Does nothing when
 /// <paramref name="confidential"/> is false.
 /// </summary>
 /// <param name="clientContext">Client context used to queue and execute every request.</param>
 /// <param name="item">List item whose project-team field lists the users to add.</param>
 /// <param name="confidential">Whether the subsite gets unique permissions at all.</param>
 /// <param name="newWeb">The subsite whose inheritance is broken and whose title names the group.</param>
 private static void SetSecurityOnSubSite(ClientContext clientContext, ListItem item, bool confidential, Web newWeb)
        {
            if (!confidential)
            {
                return;
            }

            // Stop inheriting from the parent; (false, false) = do not copy the parent's
            // role assignments and do not clear unique permissions on child objects.
            newWeb.BreakRoleInheritance(false, false);
            clientContext.ExecuteQuery();

            // Create the members group. Note that it is added through clientContext.Web.SiteGroups.
            var membersInfo = new GroupCreationInformation
            {
                Title = newWeb.Title + " Members"
            };
            Group membersGroup = clientContext.Web.SiteGroups.Add(membersInfo);
            clientContext.ExecuteQuery();

            // Bind the Contribute permission level to the members group.
            // NOTE(review): both the role definition and the role assignment are taken from
            // clientContext.Web, not from newWeb. If the context points at the parent site,
            // Contribute is granted there, and newWeb (whose inheritance was just broken)
            // receives no assignment for this group. Confirm which web the context targets.
            RoleDefinition contribute = clientContext.Web.RoleDefinitions.GetByName("Contribute");
            var bindings = new RoleDefinitionBindingCollection(clientContext);
            bindings.Add(contribute);
            clientContext.Web.RoleAssignments.Add(membersGroup, bindings);
            clientContext.ExecuteQuery();

            // NOTE(review): the 'as' cast yields null when the field is empty or of another
            // type, in which case the foreach below throws a NullReferenceException.
            FieldUserValue[] teamMembers = item[Constants.Projects.ProjectTeam] as FieldUserValue[];
            foreach (FieldUserValue teamMember in teamMembers)
            {
                // One round trip per user: LoginName must be loaded before it can be read.
                User resolved = clientContext.Web.EnsureUser(teamMember.LookupValue);
                clientContext.Load(resolved);
                clientContext.ExecuteQuery();

                var memberInfo = new UserCreationInformation
                {
                    LoginName = resolved.LoginName
                };
                membersGroup.Users.Add(memberInfo);
            }

            // Send all queued group-membership additions in a single request.
            clientContext.ExecuteQuery();
        }
Luis Valencia

1 Answer


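This is how I got it working. The main difference from the code in the question is that the groups and their permission levels are set up through newWeb rather than through clientContext.Web: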

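/// <summary>
/// Gives a confidential subsite its own permissions. Breaks role inheritance on
/// <paramref name="newWeb"/>, creates (or reuses) the "&lt;title&gt; Owners", "&lt;title&gt; Members"
/// and "&lt;title&gt; Visitors" groups, associates them with the subsite, assigns the
/// Administrator / Contributor / Reader role types, then adds the item's creator to the
/// owners group and the item's project team to the members group.
/// Does nothing when <paramref name="confidential"/> is false.
/// </summary>
/// <param name="clientContext">Client context used to load objects and execute the queued requests.</param>
/// <param name="item">List item that supplies the created-by and project-team user fields.</param>
/// <param name="confidential">Whether the subsite gets unique permissions at all.</param>
/// <param name="newWeb">The subsite to secure; its title is used as the prefix of the group names.</param>
/// <exception cref="InvalidOperationException">The item's created-by field holds no user value.</exception>
private static void SetSecurityOnSubSite(ClientContext clientContext, ListItem item, bool confidential, Web newWeb)
        {
            if (!confidential)
            {
                return;
            }

            // Inheritance is broken before anything else, without copying the parent's role
            // assignments, so a failure in a later step leaves the subsite without the
            // parent's permissions rather than with them.
            // NOTE(review): per the CSOM documentation, with copyRoleAssignments = false the
            // calling account keeps a direct role assignment on the web. Confirm whether the
            // provisioning account should retain access to a confidential site.
            newWeb.BreakRoleInheritance(false, false);
            clientContext.ExecuteQuery();

            string ownersTitle = newWeb.Title + " Owners";
            string membersTitle = newWeb.Title + " Members";
            string visitorsTitle = newWeb.Title + " Visitors";

            // Create each group, or fetch it when it already exists. Previously an existing
            // group left the variable null and the later Users.Add call threw a
            // NullReferenceException.
            // NOTE(review): site groups are looked up by title only. A group left over from
            // another subsite with the same title would be reused together with its current
            // members, who would then gain access here. Review the membership of reused groups.
            Group ownerGroup = newWeb.GroupExists(ownersTitle)
                ? newWeb.SiteGroups.GetByName(ownersTitle)
                : newWeb.AddGroup(ownersTitle, "", true);
            clientContext.Load(ownerGroup);

            Group memberGroup = newWeb.GroupExists(membersTitle)
                ? newWeb.SiteGroups.GetByName(membersTitle)
                : newWeb.AddGroup(membersTitle, "", false);
            clientContext.Load(memberGroup);

            Group visitorGroup = newWeb.GroupExists(visitorsTitle)
                ? newWeb.SiteGroups.GetByName(visitorsTitle)
                : newWeb.AddGroup(visitorsTitle, "", false);
            clientContext.Load(visitorGroup);

            // Load the three groups before they are used below.
            clientContext.ExecuteQuery();

            newWeb.AssociateDefaultGroups(ownerGroup, memberGroup, visitorGroup);

            newWeb.AddPermissionLevelToGroup(ownersTitle, RoleType.Administrator);
            newWeb.AddPermissionLevelToGroup(membersTitle, RoleType.Contributor);
            newWeb.AddPermissionLevelToGroup(visitorsTitle, RoleType.Reader);

            // The creator becomes the owner. Fail with a clear message instead of a
            // NullReferenceException when the field is missing or not a single user value.
            FieldUserValue createdByValue = item[Constants.Projects.CreatedBy] as FieldUserValue;
            if (createdByValue == null)
            {
                throw new InvalidOperationException("The item has no created-by user; cannot assign an owner to the confidential site.");
            }

            // NOTE(review): LookupValue is the display text of the user field, and EnsureUser
            // resolves it by name. Two accounts sharing a display name could lead to the wrong
            // account being granted access; resolving by LookupId would avoid that. Confirm
            // that the item and newWeb live in the same site collection before switching.
            User createdByUser = clientContext.Web.EnsureUser(createdByValue.LookupValue);
            clientContext.Load(createdByUser);
            clientContext.ExecuteQuery();

            UserCreationInformation createdByUserCI = new UserCreationInformation();
            createdByUserCI.LoginName = createdByUser.LoginName;
            ownerGroup.Users.Add(createdByUserCI);
            clientContext.ExecuteQuery();

            // An empty or missing project team means there are no members to add.
            FieldUserValue[] projectTeam = (item[Constants.Projects.ProjectTeam] as FieldUserValue[]) ?? new FieldUserValue[0];
            foreach (FieldUserValue userValue in projectTeam)
            {
                // One round trip per user: LoginName must be loaded before it can be read.
                User user = clientContext.Web.EnsureUser(userValue.LookupValue);
                clientContext.Load(user);
                clientContext.ExecuteQuery();

                UserCreationInformation userCI = new UserCreationInformation();
                userCI.LoginName = user.LoginName;
                memberGroup.Users.Add(userCI);
            }

            // Send all queued member additions in a single request.
            clientContext.ExecuteQuery();
        }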
Luis Valencia
    Just want to point out that you'll need the OfficeDevPnP nuget package for the above solution.. https://github.com/OfficeDev/PnP/tree/master/OfficeDevPnP.Core – Shailen Sukul Aug 11 '15 at 08:01