Sharepoint 2013 Server Object Model. Copy permissions from one site to another during site creation

Question

I want to copy the permissions from Site Collection A to a Site I am creating in Site Collection B in the same Web App. This is happening in a List Item Event Receiver on ItemAdded.

Here is what I have so far...

                static void SetupNewSubSite(int currentYear, SPItemEventProperties properties, int siteIndexId)
    {
        //set properties to create my new web
        string description = properties.AfterProperties["Project_x0020_Description"].ToString();
        SPListItem CurrentItem = properties.ListItem;
        String subSiteUrl = Convert.ToString(siteIndexId);
        SPSite projectSiteCollection = new SPSite(properties.Web.Site.Url + "/" + currentYear);
        SPWeb sWeb = new SPSite(properties.SiteId).OpenWeb(properties.RelativeWebUrl);

        SPWeb oWeb = projectSiteCollection.RootWeb;
        SPWebCollection cWebs = oWeb.Webs;

        //create the new web
        SPWeb xWeb = cWebs.Add(subSiteUrl, properties.AfterProperties["Title"].ToString(),
        properties.AfterProperties["Project_x0020_Description"].ToString(), 1033, "{B5B6BDD1-485A-44BC-B093-F1048271C49D}", false, false);                        
        UpdateItemProjectUrl(CurrentItem, properties.Web.Site.Url + "/" + currentYear + "/" + subSiteUrl, currentYear);

        //break inheritance and remove permissions from the new site
        xWeb.BreakRoleInheritance(false);
        LogMessage("Role Count: " + xWeb.RoleAssignments.Count.ToString());
        while (xWeb.RoleAssignments.Count > 0)
        {
            xWeb.RoleAssignments.Remove(0);
        }

        //Get the roleassignments from the source site
        SPRoleAssignmentCollection sRoleAssignments = sWeb.RoleAssignments;
        LogMessage("role assignment count from source web: "+ sRoleAssignments.Count.ToString());
        foreach (SPRoleAssignment sRoleAssignment in sRoleAssignments)
        {
            SPPrincipal sPrincipal = sRoleAssignment.Member;
            LogMessage("Principal Name: " + sPrincipal.Name.ToString());
            try
            { 
                //add roleassignment to newly created web                   
                xWeb.RoleAssignments.Add(sPrincipal);
            }

            catch (Exception ex)
            {
                LogMessage(ex.ToString());
            }
        }
        xWeb.Update();
        LogMessage("After Permissions Change");
        xWeb.Dispose();
        projectSiteCollection.Dispose();
        oWeb.Dispose();
        LogMessage("after dispose");


    }

This code successfully: 1. creates a new site in the other site collection. 2. breaks inheritance on the newly created site. 3. remove the original permissions from the newly created site.

This code does not successfully:

1. copy over groups from the other site collection to the new site.

Answer 1

Found a method someone created...

http://rajeshagadi.blogspot.com/2011/04/how-to-programmatically-copy-web-level.html

public static void CopyWebRoleAssignments(SPWeb sourceWeb, SPWeb destinationWeb)
{

    //Copy Role Assignments from source to destination web.
    foreach (SPRoleAssignment sourceRoleAsg in sourceWeb.RoleAssignments)
    {
        SPRoleAssignment destinationRoleAsg = null;

        //Get the source member object
        SPPrincipal member = sourceRoleAsg.Member;

        //Check if the member is a user 
        try
        {
            SPUser sourceUser = (SPUser)member;
            destinationWeb.EnsureUser(sourceUser.LoginName);//EDITED
            SPUser destinationUser = destinationWeb.AllUsers[sourceUser.LoginName];
            if (destinationUser != null)
            {
                destinationRoleAsg = new SPRoleAssignment(destinationUser);
            }
        }
        catch
        { }

        if (destinationRoleAsg == null)
        {
            //Check if the member is a group
            try
            {
                SPGroup sourceGroup = (SPGroup)member;
                SPGroup destinationGroup = destinationWeb.SiteGroups[sourceGroup.Name];
                destinationRoleAsg = new SPRoleAssignment(destinationGroup);
            }
            catch
            { }
        }

        //At this state we should have the role assignment established either by user or group
        if (destinationRoleAsg != null)
        {

            foreach (SPRoleDefinition sourceRoleDefinition in sourceRoleAsg.RoleDefinitionBindings)
            {
                try { destinationRoleAsg.RoleDefinitionBindings.Add(destinationWeb.RoleDefinitions[sourceRoleDefinition.Name]); }
                catch { }
            }

            if (destinationRoleAsg.RoleDefinitionBindings.Count > 0)
            {
                //handle additon of an existing  permission assignment error
                try { destinationWeb.RoleAssignments.Add(destinationRoleAsg); }
                catch (ArgumentException) { }
            }

        }

    }

    //Finally update the destination web
    destinationWeb.Update();

}

Answer 2

Remade the functionality as an Extension method without the try-catch handling of workflow:

public static void CopyWebRoleAssignmentsFrom(this SPWeb web, SPWeb fromWeb)
{
    web.BreakRoleInheritance(false);
    foreach (SPRoleAssignment sourceRoleAsg in fromWeb.RoleAssignments)
    {
        SPRoleAssignment destinationRoleAsg = null;
        SPPrincipal member = sourceRoleAsg.Member;
        if (member is SPUser)
        {
            SPUser sourceUser = member as SPUser;
            SPUser user = web.SiteUsers[sourceUser.LoginName];
            destinationRoleAsg = new SPRoleAssignment(user);
        }
        else if (member is SPGroup)
        {
            SPGroup sourceGroup = (SPGroup)member;
            SPGroup group = web.SiteGroups[sourceGroup.Name];
            destinationRoleAsg = new SPRoleAssignment(group);
        }

        foreach (SPRoleDefinition sourceRoleDefinition in sourceRoleAsg.RoleDefinitionBindings)
        {
            destinationRoleAsg.RoleDefinitionBindings.Add(web.RoleDefinitions[sourceRoleDefinition.Name]);
        }

        if (destinationRoleAsg.RoleDefinitionBindings.Count > 0)
        {
            web.RoleAssignments.Add(destinationRoleAsg);
        }
    }
    web.Update();
}