cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Sara_BBX
New Member

Determine whether a Person/Group field contains a SharePoint Group or a Person

Hi gurus!

 

I am really new to Power Automate and have an flow that sets item level permissions on a Document Set in SharePoint.  I've got my flow running successfully but there's one part of it that I want to tighten up a bit.

 

Here's a very basic example of what I have now and what I need:

 

My register is HR based and captures an employee record with their management structure i.e. Employee, Line Manager, Middle Manager, Executive Manager.  Line Manager can only be people.  Middle and Executive Manager can be a person or a SharePoint Group.  Each of the people or groups defined in the Manager fields need Contribute access to the doc set.

 

I am collecting the contents of the Manager fields into a variable their display names and then dropping them into an array.

 

I've learned (the hard way) that the Flow commands to set item level security for People are different to setting them for SharePoint Groups.

 

I have a Condition that checks each entry in an array - and here is where I need the help! - by display name.  All the defined SharePoint Group names start with the text "EDMS", so that's what I am testing for:

 

If varArray starts with EDMS - then it's a SharePoint Group and goes down the Yes path, otherwise it goes down the No path.

 

What I want then is a way for my condition to find out if the value is a SharePoint Group without having to rely on how the group is named or any other thing that can be changed by the user.

 

I figure lots of people have done exactly that but the last few days of me searching have not revealed the answer to me.

 

All suggestions gratefully received!

 

Kind regards

Sara

1 ACCEPTED SOLUTION

Accepted Solutions
PURNA429
Resolver II
Resolver II

Hi @Sara_BBX ,

Here is my test on this. Using Claims field of actual field , you can check this. I tested for a field called Executive Manager and by using "Executive Manager Claims" field in flow you can achieve this.

The person or group field is giving output like this :

For Group:

{"@odata.type":"#Microsoft.Azure.Connectors.SharePoint.SPListExpandedUser","Claims":"c:0o.c|federateddirectoryclaimprovider|082erfbb-1234-4f9c-9612-1123f4bd1adfc","DisplayName":"ABC-SharePointAdmins Members","Email":"ABCSharePointAdmins@domain.onmicrosoft.com","Picture":"https://domain.sharepoint.com/sites/testsite/_layouts/15/UserPhoto.aspx?Size=L&AccountName=ABCSharePointAdmins@domain.onmicrosoft.com"}

For User :

{"@odata.type":"#Microsoft.Azure.Connectors.SharePoint.SPListExpandedUser","Claims":"i:0#.f|membership|fn.ln@domain.com","DisplayName":"FN LA","Email":"fn.ln@domain.com","Picture":"https://domain.sharepoint.com/sites/testsite/_layouts/15/UserPhoto.aspx?Size=L&AccountName=fn.ln@domain.com","Department":"aaaa","JobTitle":"dddddd"}

 

So if you observe the Claims property it is different for user vs group. User contains it as i:0#.f|membership|fn.ln@domain.com where in group contains it as c:0o.c|federateddirectoryclaimprovider|082erfbb-1234-4f9c-9612-1123f4bd1adfc.

So i am checking this like below to differentiate user from group:

UserVsGroup.png

This is completely with limited test sets. Please check with couple of users and groups in your test before implementing it.

 

If I answered your question, please mark this question as answered and if you liked my response, please give a thumbs up .

 

Thanks

Purna

Blog

View solution in original post

2 REPLIES 2
PURNA429
Resolver II
Resolver II

Hi @Sara_BBX ,

Here is my test on this. Using Claims field of actual field , you can check this. I tested for a field called Executive Manager and by using "Executive Manager Claims" field in flow you can achieve this.

The person or group field is giving output like this :

For Group:

{"@odata.type":"#Microsoft.Azure.Connectors.SharePoint.SPListExpandedUser","Claims":"c:0o.c|federateddirectoryclaimprovider|082erfbb-1234-4f9c-9612-1123f4bd1adfc","DisplayName":"ABC-SharePointAdmins Members","Email":"ABCSharePointAdmins@domain.onmicrosoft.com","Picture":"https://domain.sharepoint.com/sites/testsite/_layouts/15/UserPhoto.aspx?Size=L&AccountName=ABCSharePointAdmins@domain.onmicrosoft.com"}

For User :

{"@odata.type":"#Microsoft.Azure.Connectors.SharePoint.SPListExpandedUser","Claims":"i:0#.f|membership|fn.ln@domain.com","DisplayName":"FN LA","Email":"fn.ln@domain.com","Picture":"https://domain.sharepoint.com/sites/testsite/_layouts/15/UserPhoto.aspx?Size=L&AccountName=fn.ln@domain.com","Department":"aaaa","JobTitle":"dddddd"}

 

So if you observe the Claims property it is different for user vs group. User contains it as i:0#.f|membership|fn.ln@domain.com where in group contains it as c:0o.c|federateddirectoryclaimprovider|082erfbb-1234-4f9c-9612-1123f4bd1adfc.

So i am checking this like below to differentiate user from group:

UserVsGroup.png

This is completely with limited test sets. Please check with couple of users and groups in your test before implementing it.

 

If I answered your question, please mark this question as answered and if you liked my response, please give a thumbs up .

 

Thanks

Purna

Blog

View solution in original post

Thanks @PURNA429 that was exactly what was needed.

Helpful resources

Announcements
UG GA Amplification 768x460.png

Launching new user group features

Learn how to create your own user groups today!

Community Connections 768x460.jpg

Community & How To Videos

Check out the new Power Platform Community Connections gallery!

M365 768x460.jpg

Microsoft 365 Collaboration Conference | December 7–9, 2021

Join us, in-person, December 7–9 in Las Vegas, for the largest gathering of the Microsoft community in the world.

Top Solution Authors
Users online (3,562)