Share via

MS Graph - Post Permissions using Python

Resarf 5 Reputation points
2023-06-12T10:11:03.67+00:00

At the moment I am trying to use Microsoft Graph API via python requests library to update who has access to certain files on Sharepoint.

I am passing the site_id , item_id, and user_id into my function which results in the following error:

"error":{"code":"invalidRequest","message":"Invalid request"}

        headers = {
			"Authorization": f"Bearer {access_token}",
			"Content-Type": "application/json"
		}

		permission_data = {
            'grantedToIdentitiesV2': [{
                'user': {
                    'id': user_id
                    }
                }],
            "roles": ["read"]
            }

        payload = json.dumps(permission_data)

        endpoint = f"https://graph.microsoft.com/v1.0/sites/{site_id}/drive/items/{item_id}/permissions"

        response = requests.post(endpoint, headers=headers, data=payload)

Not sure if I am able to post to this endpoint based on the info here:
https://learn.microsoft.com/en-us/graph/api/resources/permission?view=graph-rest-1.0

So wondering if anyone know how I would go about this request?

Microsoft Security | Microsoft Graph
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Mehtab Siddique (MINDTREE LIMITED) 971 Reputation points
    2023-06-14T11:14:24.7533333+00:00

    To check the permissions for the particular user who has permissions:

    GET /users/{userId}/drive/items/{itemId}/permissions

    Permissions for accessing this API:

    User's image

    For more information please refer: https://learn.microsoft.com/en-us/graph/api/driveitem-list-permissions?view=graph-rest-1.0&tabs=python#example

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

  2. CarlZhao-MSFT 46,411 Reputation points
    2023-06-15T09:12:20.3233333+00:00

    Hi @Resarf

    You should send the user a share invitation for the drive item to grant the user access to the file.

    Using the Python SDK:

    client =  GraphServiceClient(request_adapter)
request_body = InvitePostRequestBody()
recipients_drive_recipient1 = DriveRecipient()
recipients_drive_recipient1.email = '******@contoso.com'
recipientsArray []= recipientsDriveRecipient1;
request_body.recipients(recipientsArray)
request_body.message = 'Here\'s the file that we\'re collaborating on.'
request_body.require_sign_in = True
request_body.send_invitation = True
request_body.Roles(['read'])
request_body.expiration_date_time = '2023-06-16T14:00:00.000Z'
result = await client.drives.by_drive_id('drive-id').items.by_item_id('driveItem-id').invite.post(request_body = request_body)

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.