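Get the permissions of an item
The result is as follows:
Comparing this with the data shown in SharePoint's Manage Access panel, we can see that we obtained the users and their permission information, as well as the groups the users belong to.
Implementation: use Power Automate to call the SharePoint API:
_api/web/lists/getbytitle('ListName')/items(41)/roleassignments?$expand=Member,Member/Users,RoleDefinitionBindings
This returns the groups, the group definitions, the members of each group, and the individual users. The PrincipalType field in Member identifies the kind of principal:
If PrincipalType = 8, loop over the Users under Member and append them to the array; if it is 1, append the member directly to the array; other values can be handled as needed.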
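The flattening rule described above (expand Users when PrincipalType = 8, append the member directly when it is 1), as an added Python example that is not part of the original flow. The function names, the guest and unexpanded-group review, and the sample response are assumptions constructed for illustration; the field names come from the page's response schema.

```python
USER, SHAREPOINT_GROUP = 1, 8  # PrincipalType values listed on this page


def flatten_role_assignments(response):
    """Return one row per principal that holds a role on the item."""
    rows = []
    for assignment in response.get("value", []):
        member = assignment.get("Member", {})
        roles = sorted(r["Name"] for r in assignment.get("RoleDefinitionBindings", []))
        if member.get("PrincipalType") == SHAREPOINT_GROUP:
            # Member/Users was expanded: one row per user in the group.
            principals = [(u, member.get("Title")) for u in member.get("Users", [])]
        else:
            # Users (1) are appended directly; other types are kept as-is.
            principals = [(member, None)]
        for p, via in principals:
            rows.append({
                "principal": p.get("Email") or p.get("Title"),
                "roles": roles,
                "via_group": via,
                "guest": bool(p.get("IsShareByEmailGuestUser")
                              or p.get("IsEmailAuthenticationGuestUser")),
                # False means a group whose members this call did not list.
                "is_user": p.get("PrincipalType") == USER,
            })
    return rows


def review(rows):
    """Pick out the rows an access review should look at first."""
    return {
        "guests": [r["principal"] for r in rows if r["guest"]],
        "unexpanded_groups": [r["principal"] for r in rows if not r["is_user"]],
    }


def _user(email, guest=False):  # constructed sample user
    return {"PrincipalType": 1, "Email": email, "Title": email,
            "IsShareByEmailGuestUser": guest, "IsEmailAuthenticationGuestUser": False}


# Constructed sample response (hypothetical names and addresses).
SAMPLE = {"value": [
    {"PrincipalId": 5, "RoleDefinitionBindings": [{"Name": "Read"}],
     "Member": {"PrincipalType": 8, "Title": "Project Members",
                "Users": [_user("alice@example.com"), _user("guest@example.org", True)]}},
    {"PrincipalId": 12, "RoleDefinitionBindings": [{"Name": "Edit"}],
     "Member": _user("bob@example.com")},
    {"PrincipalId": 20, "RoleDefinitionBindings": [{"Name": "Read"}],
     "Member": {"PrincipalType": 4, "Title": "Finance SG", "Email": ""}},
]}
```

Rows with `is_user` set to False are groups whose membership has to be resolved elsewhere before the item's access list can be considered complete.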
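The PrincipalType enumeration has the following members:
None: no principal type. Value = 0.
User: a user as the principal type. Value = 1.
DistributionList: a distribution list as the principal type. Value = 2.
SecurityGroup: a security group as the principal type. Value = 4.
SharePointGroup: a SharePoint group as the principal type. Value = 8.
The schema of the returned result is as follows:
```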
{
  "type": "object",
  "properties": {
    "value": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "Member": {
            "type": "object",
            "properties": {
              "Users": {
                "type": "array",
                "items": {
                  "type": "object",
                  "properties": {
                    "Id": {
                      "type": "integer"
                    },
                    "IsHiddenInUI": {
                      "type": "boolean"
                    },
                    "LoginName": {
                      "type": "string"
                    },
                    "Title": {
                      "type": "string"
                    },
                    "PrincipalType": {
                      "type": "integer"
                    },
                    "Email": {
                      "type": "string"
                    },
                    "Expiration": {
                      "type": "string"
                    },
                    "IsEmailAuthenticationGuestUser": {
                      "type": "boolean"
                    },
                    "IsShareByEmailGuestUser": {
                      "type": "boolean"
                    },
                    "IsSiteAdmin": {
                      "type": "boolean"
                    },
                    "UserId": {
                      "type": "object",
                      "properties": {
                        "NameId": {
                          "type": "string"
                        },
                        "NameIdIssuer": {
                          "type": "string"
                        }
                      }
                    },
                    "UserPrincipalName": {
                      "type": "string"
                    }
                  },
                  "required": [
                    "Id",
                    "IsHiddenInUI",
                    "LoginName",
                    "Title",
                    "PrincipalType",
                    "Email",
                    "Expiration",
                    "IsEmailAuthenticationGuestUser",
                    "IsShareByEmailGuestUser",
                    "IsSiteAdmin",
                    "UserId",
                    "UserPrincipalName"
                  ]
                }
              },
              "Id": {
                "type": "integer"
              },
              "IsHiddenInUI": {
                "type": "boolean"
              },
              "LoginName": {
                "type": "string"
              },
              "Title": {
                "type": "string"
              },
              "PrincipalType": {
                "type": "integer"
              },
              "AllowMembersEditMembership": {
                "type": "boolean"
              },
              "AllowRequestToJoinLeave": {
                "type": "boolean"
              },
              "AutoAcceptRequestToJoinLeave": {
                "type": "boolean"
              },
              "Description": {},
              "OnlyAllowMembersViewMembership": {
                "type": "boolean"
              },
              "OwnerTitle": {
                "type": "string"
              },
              "RequestToJoinLeaveEmailSetting": {
                "type": "string"
              }
            }
          },
          "RoleDefinitionBindings": {
            "type": "array",
            "items": {
              "type": "object",
              "properties": {
                "BasePermissions": {
                  "type": "object",
                  "properties": {
                    "High": {
                      "type": "string"
                    },
                    "Low": {
                      "type": "string"
                    }
                  }
                },
                "Description": {
                  "type": "string"
                },
                "Hidden": {
                  "type": "boolean"
                },
                "Id": {
                  "type": "integer"
                },
                "Name": {
                  "type": "string"
                },
                "Order": {
                  "type": "integer"
                },
                "RoleTypeKind": {
                  "type": "integer"
                }
              },
              "required": [
                "BasePermissions",
                "Description",
                "Hidden",
                "Id",
                "Name",
                "Order",
                "RoleTypeKind"
              ]
            }
          },
          "PrincipalId": {
            "type": "integer"
          }
        },
        "required": [
          "Member",
          "RoleDefinitionBindings",
          "PrincipalId"
        ]
      }
    }
  }
}
```
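2. Set permissions.
We created several person and group columns in the list. Permissions need to be set for everyone involved, as follows:
Here we retrieve the corresponding users at the same time. person, person2 and person3 are all multi-select columns, so we loop over them and append to the array; only the email needs to be appended. Before setting permissions, stop sharing first and then set them. We set everyone to read-only; you can set read-only or edit permission as needed. When setting permissions, Recipients must be a string, with multiple entries separated by ;. So we use join(variables('UserList'),';')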