Expression Evaluation Time: ms / Round trip: ms
Improved Role Management for Snow
08. May
by Jacek Przezdziecki Category:

With MatchPoint Snow 1.2.0 and 2.2.0 we introduced an improved concept for roles management.

In the previous versions there were only three roles available: Owner, Reader, Member. And extending this number of roles was not that straightforward.

With this release of MatchPoint Snow it is now possible to define any number of roles.

Add new Role

New roles can be defined on many levels, i.e.:

  • Snow configuration
  • Snowflake configuration
  • Workspace types

For our example we will create a new role in the Snow Configuration:

To add a new role, simply open Snow Configuration, select “Roles” and click on “Role” in the ribbon.

The new role has some properties to be set:

  • Name: The unique identifier of the role which used to reference the role in other configurations such as the “ProvisioningConfiguration”.
  • Permissions: Specifies the permission level which users in this role will have granted.
  • DefaultUsers: Allows to select users, which will be added to this role by default on workspace creation.
  • IsSingle: Specifies whether the role is forced to contain only one user.

Provisioning Configuration

As a next step, you should make proper changes in the configuration of type "Provisioning Configuration". In the configuration, please go to the property ProvisioningConfiguraion - > WebDefinition -> PermissionAssignments, and add each role with proper permission level (we suggest to use “Reader” or “Contributor”).

Workspace Template Configuration

As a last part of role creation, please open related configuration of type “Workspace Template Configuration” and specify the roles with “Owner” permission set in the property RoleTagDefinition -> IncludedRoles. This allows to properly apply tags on created workspaces. Please note, that it is recommended to specify roles with “Owner” permission only.

Role Reference

To use roles in a workspace type, they not always have to be defined in the workspace types. It is possible to use roles which are defined on higher levels (Snow configuration or Snowflake configuration). In order to use such a role, a reference to the role has to be created:

Whithin the role reference you have to specifiy the "RoleLink" property which specifies the link to the referenced role.

Please note that only roles defined or referenced in the workspace type will be available on this workspace after creation, even if some roles are defined on snow or snowflake level.

Public Readers

Public readers for a workspace type are now specified via roles as well. Within the workspace type one or more "PublicReaderDefinition" can be specified. A "PublicReaderDefinition" defines which users ("Accounts" property) are added to the specified reader group ("ReaderRoleId" property) when the workspace becomes public.

Creator Role

Also, in the workspace type it is possible to specify to which role of the workspace the user is added when he creates a workspace. Previously this user was added by default to the “Owner” role.

We recommend to select for such a purpose, roles with “Owner” permission set, but it is allowed to select any type of role.

Glenn De Block
26.07.2017 02:41
We recently upgraded our version, are you guys sure that the creator role functionality is working? Or maybe I'm missing something out.
I picked the default 'Owner' option as the CreatorRole, but it isn't automatically applied according to what I've configured having read this.

Do I still have to use the previous 'UserRoleAssignment: Add SPHelper.GetCurrentUser().LoginName' in the postaction of a creator like before or not?
Glenn De Block
26.07.2017 03:54
Oh, I see creator now uses an EvaluateAction.
Nice addition!

This blog is about technical and non-technical aspects of the product MatchPoint and other SharePoint topics.

If you would like to post an article or if you have an idea for a post, please contact us.

Matthias Weibel
09.04.2018 01:12
Link is updated and works now. | Goto Post
09.04.2018 12:21
Link doesn't work. Could anyone explain what does... | Goto Post
14.03.2018 02:05
Hi Markus
We I use the config for SiteCollectionSe... | Goto Post
Reto Jeger
04.10.2017 09:15
Hello Reiner,
Thanks for pointing out the missing ... | Goto Post
29.09.2017 09:56
Hi, I downloaded the ZIP-file for MatchPoint Versi... | Goto Post