Hi @Python Developer 7 ,
To determine if a user has read access to a drive item in SharePoint, one possible solution is to call the Graph API's get drive item
endpoint and verify if the response is an item or an error. If the user has access, the response will be an item, and if not, it will be an error. This approach should be reliable enough, but it can not check access for multiple items at once.
GET /sites/{site-id}/lists/{list-id}/items/{item-id}
This indicates that the user has at least Sites.Read.All
permission on item 2.
For your reference:
https://learn.microsoft.com/en-us/graph/api/listitem-get?view=graph-rest-1.0&tabs=http
As for the effectiveBasePermissions
endpoint, the response is a bitfield that represents the permissions that the current user has on the item. You can interpret the bitfield by comparing it to the SP.BasePermissions
enumeration in SharePoint. However, this approach may require hardcoding values or making too many requests, as you mentioned. It doesn't meet your requirements.
Good day!
If the answer is helpful, please click "Accept as Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.