Grant permissions to folder in Sharepoint library using Powershell?

Question

I have a Sharepoint Library, which I have a Powershell script dropping files into for processing. The Powershell script reaches out to Active Directory, and returns Group Membership information. The script then creates a folder for the group owner (if it doesn't exist) in my Library, using the group owners' name, and drops a .CSV of all the users contained in the specific group into that folder.

The need here, is to grant 'Read' permissions only to the owner of the group, which will be the name of the folder we are working in. Ideally the folder would be hidden, however I understand that there are limitations when working with Sharepoint.

For example:

John Doe, User: jdoe would be able to access Z:/jdoe/IT.csv but not Z:/someuser/HR.csv

I have my Sharepoint Library mapped to Z:/ currently, to make my life easier for Powershell.

I executed get-command Module Microsoft.SharePoint.PowerShell | ft name get-command Module Microsoft.SharePoint.PowerShell | ft name and ran through the list of Sharepoint Commands.

I then stumbled across the Grant-SPObjectSecurity Cmdlet , which I assume is what I would want to use on the Powershell side to, when the folder is being created, apply Sharepoint permissions only to the user for which the folder is being created for.

The process from start to finish is: Powershell Script 'Get_Group_Members' executes, reading a text file containing an Active Directory Group name, per line. For each group found, the script identifies the owner of the group, creates a folder named with the owners AD name, and puts a .CSV file in the folder listing all members of the group. Then, I (for now anyway) manually initiate the next Script 'Import_CSV' which pulls all the information into a Sharepoint list for an unrelated process.

Hope that helps understand what's happening. Am I right in assuming I should handle this on the Powershell side, as opposed to the Sharepoint side? If so, am I headin' in the right direction with Grant -SPObjectSecurity ?

Thanks!

Update:

Following the link I provided in a comment below, here is what I came up with:

function GrantUserpermission($strOwnerName)
    {
    [Microsoft.SharePoint.SPUserCollection]$spusers=[Microsoft.SharePoint.SPUserCollection]$web.SiteUsers
    [Microsoft.SharePoint.SPUser]$spuser=$spusers[$strOwnerName]

        "Strowner name: " + $strOwnerName

        # Get the SPWeb object and save it to a variable
        $web = Get-SPWeb -identity $WebURL
        if ($strOwnerName -ne $null)

        {
            $sproleass=new-object Microsoft.SharePoint.SPRoleAssignment([Microsoft.SharePoint.SPPrincipal]$spuser)
            $folder.BreakRoleInheritance("true")
            $sproleass.RoleDefinitionBindings.Add($web.RoleDefinitions["Contribute"])
            $folder.RoleAssignments.Add($sproleass);
            Write-Host "Permission provided for user ", $strOwnerName
        }

        else

        {

        Write-Host "User ""$userName"" was not found in this web!"

        }

   }

And here, are the error(s) associated with my code:

Full code can be found here: http://pastebin.com/iBpj6V1U

Update #2

#apply permissions to folder
    "Strowner name: " + $strOwnerName
    function GrantUserpermission($strOwnerName)
    {

    $web = Get-SPWeb -identity $WebURL
    [Microsoft.SharePoint.SPUser]$spuser=$web.EnsureUser($strOwnerName)
    "Strowner name in Function: " + $strOwnerName   

Updated code #2: http://pastebin.com/DzP1hVce

Answer 1

I ended up realizing, that if I am using Powershell to get information to a .CSV, and then ultimately to Sharepoint, that it doesn't make sense to actually waste time with files, and tap directly into Sharepoint via Powershell.

Here's the code I had used to accomplish this: http://pastebin.com/xRyvXLCB

Special thanks to @TheMadTechnician