Get user permissions for one drive drive

asked 2023-01-17T14:38:06.6666667+00:00
Olga Romanova 41 Reputation points

Hello,

I am working on the following use case to be implemented via SharePoint/OneDrive REST API:

  1. Group is assigned to particular document library in Sharepoint(group might have read and write access).
  2. User in this group can upload / edit document according to group's rights.

So I can learn about assigned groups to drive via route:

GET /sites/{siteId}/drive/items/{itemId}/permissions 

This will geve me the result which looks similar to this:

 "value": [  
         {  
             "id": "id",  
             "roles": [],  
             "grantedToV2": {  
                 "siteGroup": {  
                     "displayName": "Group Owners",  
                     "id": "groupId",  
                     "loginName": "Group Owners"  
                 }  
             },  
             "grantedTo": {  
                 "user": {  
                     "displayName": "Group Owners"  
                 }  
             },  
             "inheritedFrom": {}  
         }]  

But with this approach I have several problems:

  1. Not owner of the drive cannot see roles in roles array(array is empty).
  2. The result shows all groups of the drive not only whose to which the user is assigned.

Could someone advice me how can I implement the required use case? How can I know that the particular user has right or read access to the drive?

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
556 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
5,976 questions
SharePoint Development
SharePoint Development
SharePoint: A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.Development: The process of researching, productizing, and refining new or existing technologies.
1,664 questions
No comments
{count} votes

Accepted answer
  1. answered 2023-01-17T18:20:30.8666667+00:00
    Shivam Dhiman-MSFT 4,246 Reputation points Microsoft Employee

    Hi @Olga Romanova

    Apologize for delay in response.
    I have tried this GET /sites/{siteId}/drive/items/{itemId}/permissions Graph API and I am able to get roles in response. Please refer to below sample screenshot:

    1sample

    2sample

    Please make sure you have created permission before trying to list the permission. You can create permission using this Graph API endpoint along with the request body by setting Roles property values.

    Please refer to the sample request below:

    POST https://graph.microsoft.com/v1.0/sites/{sitesId}/permissions
    Content-Type: application/json
    
    {
      "roles": ["write"],
      "grantedToIdentities": [{
        "application": {
          "id": "89ea5c94-7736-4e25-95ad-
          "displayName": "Contoso Time Manager App"
        }
      }]
    }
    
    

    Refer to this documentation for more details.

    As you have mentioned that "result shows all groups of the drive not only whose to which the user is assigned.", to get the specific permission you can use Get Site Permissions instead of List Site Permission.
    Get Sites permission will help you to Retrieve the properties and relationships of a permission object on a site.

    Use this GET https://graph.microsoft.com/v1.0/sites/{sitesId}/permissions/{permissionId} Graph API endpoint for the same.

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote. If you have any further questions about this answer, please click Comment.


0 additional answers

Sort by: Most helpful