cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
rarroyo1
Helper I
Helper I

Getting SharePoint Permissions

I want to return all users and their associated SharePoint permission group membership to a site or library item.  I have the URL to the site or item.    

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
fchopo
Super User II
Super User II

Hello @rarroyo1 

You could use the "Send an Http request to Sharepoint", and use an Uri like this to get the permissions for the site: 

weburl+”/_api/Web/RoleAssignments?$expand=Member,RoleDefinitionBindings”

You will get some results with the groups and their permissions, and will have to parse the results. I attach the schema you should use:

{
    "type": "object",
    "properties": {
        "odata.metadata": {
            "type": "string"
        },
        "value": {
            "type": "array",
            "items": {
                "type": "object",
                "properties": {
                    "odata.type": {
                        "type": "string"
                    },
                    "odata.id": {
                        "type": "string"
                    },
                    "odata.editLink": {
                        "type": "string"
                    },
                    "Member@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "Member": {
                        "type": "object",
                        "properties": {
                            "odata.type": {
                                "type": "string"
                            },
                            "odata.id": {
                                "type": "string"
                            },
                            "odata.editLink": {
                                "type": "string"
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "IsHiddenInUI": {
                                "type": "boolean"
                            },
                            "LoginName": {
                                "type": "string"
                            },
                            "Title": {
                                "type": "string"
                            },
                            "PrincipalType": {
                                "type": "integer"
                            },
                            "AllowMembersEditMembership": {
                                "type": "boolean"
                            },
                            "AllowRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "AutoAcceptRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "Description": {},
                            "OnlyAllowMembersViewMembership": {
                                "type": "boolean"
                            },
                            "OwnerTitle": {
                                "type": "string"
                            },
                            "RequestToJoinLeaveEmailSetting": {
                                "type": "string"
                            }
                        }
                    },
                    "RoleDefinitionBindings@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "RoleDefinitionBindings": {
                        "type": "array",
                        "items": {
                            "type": "object",
                            "properties": {
                                "odata.type": {
                                    "type": "string"
                                },
                                "odata.id": {
                                    "type": "string"
                                },
                                "odata.editLink": {
                                    "type": "string"
                                },
                                "BasePermissions": {
                                    "type": "object",
                                    "properties": {
                                        "High": {
                                            "type": "string"
                                        },
                                        "Low": {
                                            "type": "string"
                                        }
                                    }
                                },
                                "Description": {
                                    "type": "string"
                                },
                                "Hidden": {
                                    "type": "boolean"
                                },
                                "Id": {
                                    "type": "integer"
                                },
                                "Name": {
                                    "type": "string"
                                },
                                "Order": {
                                    "type": "integer"
                                },
                                "RoleTypeKind": {
                                    "type": "integer"
                                }
                            },
                            "required": [
                                "odata.type",
                                "odata.id",
                                "odata.editLink",
                                "BasePermissions",
                                "Description",
                                "Hidden",
                                "Id",
                                "Name",
                                "Order",
                                "RoleTypeKind"
                            ]
                        }
                    },
                    "PrincipalId": {
                        "type": "integer"
                    }
                },
                "required": [
                    "odata.type",
                    "odata.id",
                    "odata.editLink",
                    "Member@odata.navigationLinkUrl",
                    "Member",
                    "RoleDefinitionBindings@odata.navigationLinkUrl",
                    "RoleDefinitionBindings",
                    "PrincipalId"
                ]
            }
        }
    }
}

For each group, you can get the email and its members with the following uri: 

api/Web/SiteGroups/GetByName('Name_Of_Role_Or_Group')/users?$select=email,Id

Parse the JSON results again with the following schema:

{
    "type": "object",
    "properties": {
        "d": {
            "type": "object",
            "properties": {
                "results": {
                    "type": "array",
                    "items": {
                        "type": "object",
                        "properties": {
                            "__metadata": {
                                "type": "object",
                                "properties": {
                                    "id": {
                                        "type": "string"
                                    },
                                    "uri": {
                                        "type": "string"
                                    },
                                    "type": {
                                        "type": "string"
                                    }
                                }
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "Email": {
                                "type": "string"
                            }
                        },
                        "required": [
                            "__metadata",
                            "Id",
                            "Email"
                        ]
                    }
                }
            }
        }
    }
}

And then save the email to a string array, for example.

I attach a sample in two screenshots.First PartFirst Part

 

Second PartSecond Part

 

Hope it helps!

Ferran

 

 

 

 

 

Did I answer your question? Please consider to mark my post as a solution to help others.
Proud to be a Flownaut!

View solution in original post

6 REPLIES 6
yashag2255
Dual Super User II
Dual Super User II

Hi @rarroyo1 

 

You can check this out : https://www.youtube.com/watch?v=dIzOAbMjN7g 

 

Hope this Helps!

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

ChristianAbata
Super User II
Super User II

hi @rarroyo1 

you can follow this post to see if this is what you need

https://powerusers.microsoft.com/t5/General-Power-Automate/using-Flow-to-grant-access-in-SharePoint/...



Did I answer your question? Please consider to Mark
my post as a solution! to guide others :winking_face:

Proud to be a Flownaut!


If you want you can follow me at www.christianabata.com Quieres contenido en español? Síguenos en Power Automate LA

The link you sent was for a powerapp.  I am using Flow.   I believe I need to use the Send HTTP request to SharePoint, but don't know how to form the API request.

Nope.  Don't follow.  

hi @rarroyo1  by using a PA action is not currently available sorry, you have just HTTP request



Did I answer your question? Please consider to Mark
my post as a solution! to guide others :winking_face:

Proud to be a Flownaut!


If you want you can follow me at www.christianabata.com Quieres contenido en español? Síguenos en Power Automate LA
fchopo
Super User II
Super User II

Hello @rarroyo1 

You could use the "Send an Http request to Sharepoint", and use an Uri like this to get the permissions for the site: 

weburl+”/_api/Web/RoleAssignments?$expand=Member,RoleDefinitionBindings”

You will get some results with the groups and their permissions, and will have to parse the results. I attach the schema you should use:

{
    "type": "object",
    "properties": {
        "odata.metadata": {
            "type": "string"
        },
        "value": {
            "type": "array",
            "items": {
                "type": "object",
                "properties": {
                    "odata.type": {
                        "type": "string"
                    },
                    "odata.id": {
                        "type": "string"
                    },
                    "odata.editLink": {
                        "type": "string"
                    },
                    "Member@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "Member": {
                        "type": "object",
                        "properties": {
                            "odata.type": {
                                "type": "string"
                            },
                            "odata.id": {
                                "type": "string"
                            },
                            "odata.editLink": {
                                "type": "string"
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "IsHiddenInUI": {
                                "type": "boolean"
                            },
                            "LoginName": {
                                "type": "string"
                            },
                            "Title": {
                                "type": "string"
                            },
                            "PrincipalType": {
                                "type": "integer"
                            },
                            "AllowMembersEditMembership": {
                                "type": "boolean"
                            },
                            "AllowRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "AutoAcceptRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "Description": {},
                            "OnlyAllowMembersViewMembership": {
                                "type": "boolean"
                            },
                            "OwnerTitle": {
                                "type": "string"
                            },
                            "RequestToJoinLeaveEmailSetting": {
                                "type": "string"
                            }
                        }
                    },
                    "RoleDefinitionBindings@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "RoleDefinitionBindings": {
                        "type": "array",
                        "items": {
                            "type": "object",
                            "properties": {
                                "odata.type": {
                                    "type": "string"
                                },
                                "odata.id": {
                                    "type": "string"
                                },
                                "odata.editLink": {
                                    "type": "string"
                                },
                                "BasePermissions": {
                                    "type": "object",
                                    "properties": {
                                        "High": {
                                            "type": "string"
                                        },
                                        "Low": {
                                            "type": "string"
                                        }
                                    }
                                },
                                "Description": {
                                    "type": "string"
                                },
                                "Hidden": {
                                    "type": "boolean"
                                },
                                "Id": {
                                    "type": "integer"
                                },
                                "Name": {
                                    "type": "string"
                                },
                                "Order": {
                                    "type": "integer"
                                },
                                "RoleTypeKind": {
                                    "type": "integer"
                                }
                            },
                            "required": [
                                "odata.type",
                                "odata.id",
                                "odata.editLink",
                                "BasePermissions",
                                "Description",
                                "Hidden",
                                "Id",
                                "Name",
                                "Order",
                                "RoleTypeKind"
                            ]
                        }
                    },
                    "PrincipalId": {
                        "type": "integer"
                    }
                },
                "required": [
                    "odata.type",
                    "odata.id",
                    "odata.editLink",
                    "Member@odata.navigationLinkUrl",
                    "Member",
                    "RoleDefinitionBindings@odata.navigationLinkUrl",
                    "RoleDefinitionBindings",
                    "PrincipalId"
                ]
            }
        }
    }
}

For each group, you can get the email and its members with the following uri: 

api/Web/SiteGroups/GetByName('Name_Of_Role_Or_Group')/users?$select=email,Id

Parse the JSON results again with the following schema:

{
    "type": "object",
    "properties": {
        "d": {
            "type": "object",
            "properties": {
                "results": {
                    "type": "array",
                    "items": {
                        "type": "object",
                        "properties": {
                            "__metadata": {
                                "type": "object",
                                "properties": {
                                    "id": {
                                        "type": "string"
                                    },
                                    "uri": {
                                        "type": "string"
                                    },
                                    "type": {
                                        "type": "string"
                                    }
                                }
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "Email": {
                                "type": "string"
                            }
                        },
                        "required": [
                            "__metadata",
                            "Id",
                            "Email"
                        ]
                    }
                }
            }
        }
    }
}

And then save the email to a string array, for example.

I attach a sample in two screenshots.First PartFirst Part

 

Second PartSecond Part

 

Hope it helps!

Ferran

 

 

 

 

 

Did I answer your question? Please consider to mark my post as a solution to help others.
Proud to be a Flownaut!

View solution in original post

Helpful resources

Announcements
User Groups Public Preview

Join us for our User Group Public Preview!

Power Automate User Groups are coming! Make sure you’re among the first to know when user groups go live for public preview.

New Super Users

Meet the Power Automate Super Users!

Many congratulations to the Season 1 2021 Flownaut Crew!

Power Platform ISV STudio

Power Platform ISV Studio

ISV Studio is the go-to Power Platform destination for ISV’s to monitor & manage applications post-AppSource publish.

Users online (55,564)