powershell icon indicating copy to clipboard operation
powershell copied to clipboard

Published 20 hours ago verified publisher icon pnp

[BUG] Export-PnPListToSiteTemplate doesn't export token for default RoleDefinitions

Open waaromikniet opened this issue 1 year ago • 2 comments

Reporting an Issue or Missing Feature

When I export a list with custom permissions no token for default RoleDefinition is set for the RoleDefinition attribute

          <pnp:Security>
            <pnp:BreakRoleInheritance CopyRoleAssignments="false" ClearSubscopes="false">
              <pnp:RoleAssignment Principal="{associatedownergroupid}" RoleDefinition="Lezen" />
            </pnp:BreakRoleInheritance>
          </pnp:Security>

Expected behavior

When I export the list I want to get the token for default RoleDefinition. See below

          <pnp:Security>
            <pnp:BreakRoleInheritance CopyRoleAssignments="false" ClearSubscopes="false">
              <pnp:RoleAssignment Principal="{associatedownergroupid}" RoleDefinition="{roledefinition:Reader}" />
            </pnp:BreakRoleInheritance>
          </pnp:Security>

Actual behavior

When I export a list with custom permissions no token for default RoleDefinition is set for the RoleDefinition attribute

          <pnp:Security>
            <pnp:BreakRoleInheritance CopyRoleAssignments="false" ClearSubscopes="false">
              <pnp:RoleAssignment Principal="{associatedownergroupid}" RoleDefinition="Lezen" />
            </pnp:BreakRoleInheritance>
          </pnp:Security>

Steps to reproduce behavior

Run the Export-PnPListToSiteTemplate cmdlet on a list with custom permissions with built in RoleDefinition

What is the version of the Cmdlet module you are running?

2.4.0

Which operating system/environment are you running PnP PowerShell on?

  • [x] Windows
  • [ ] Linux
  • [ ] MacOS
  • [ ] Azure Cloud Shell
  • [ ] Azure Functions
  • [ ] Other : please specify

waaromikniet avatar May 23 '24 11:05 waaromikniet

I reproduced this behaviour, but it's not clear to me why this is not working as expected. I created a new SharePoint Online list, broke the permissions inheritance on it. Run the Export-PnPListToSiteTemplate cmdlet and below is the response i get on the screen.

<pnp:Security>
  <pnp:BreakRoleInheritance CopyRoleAssignments="false" ClearSubscopes="false">
      <pnp:RoleAssignment Principal="{associatedownergroupid}" RoleDefinition="Full Control" />
      <pnp:RoleAssignment Principal="{associatedvisitorgroupid}" RoleDefinition="Read" />
      <pnp:RoleAssignment Principal="{associatedmembergroupid}" RoleDefinition="Edit" />
  </pnp:BreakRoleInheritance>
</pnp:Security>

I also created a custom permission level named "CustomPermissionLevel" and the response is the following:

<pnp:Security>
  <pnp:BreakRoleInheritance CopyRoleAssignments="false" ClearSubscopes="false">
    <pnp:RoleAssignment Principal="{associatedownergroupid}" RoleDefinition="Full Control" />
    <pnp:RoleAssignment Principal="{associatedvisitorgroupid}" RoleDefinition="CustomPermissionLevel" />
    <pnp:RoleAssignment Principal="{associatedmembergroupid}" RoleDefinition="Edit" />
  </pnp:BreakRoleInheritance>
</pnp:Security>

Is it possible to provide some more details what you are trying to do?

markgort86 avatar May 24 '24 22:05 markgort86

I want to be able to run my template on a English site. The definition "Lezen" is not recognized then because its Dutch

waaromikniet avatar Jun 06 '24 20:06 waaromikniet