cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Helper I
Helper I

Getting SharePoint Permissions

I want to return all users and their associated SharePoint permission group membership to a site or library item.  I have the URL to the site or item.    

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Super User II
Super User II

Re: Getting SharePoint Permissions

Hello @rarroyo1 

You could use the "Send an Http request to Sharepoint", and use an Uri like this to get the permissions for the site: 

weburl+”/_api/Web/RoleAssignments?$expand=Member,RoleDefinitionBindings”

You will get some results with the groups and their permissions, and will have to parse the results. I attach the schema you should use:

{
    "type": "object",
    "properties": {
        "odata.metadata": {
            "type": "string"
        },
        "value": {
            "type": "array",
            "items": {
                "type": "object",
                "properties": {
                    "odata.type": {
                        "type": "string"
                    },
                    "odata.id": {
                        "type": "string"
                    },
                    "odata.editLink": {
                        "type": "string"
                    },
                    "Member@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "Member": {
                        "type": "object",
                        "properties": {
                            "odata.type": {
                                "type": "string"
                            },
                            "odata.id": {
                                "type": "string"
                            },
                            "odata.editLink": {
                                "type": "string"
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "IsHiddenInUI": {
                                "type": "boolean"
                            },
                            "LoginName": {
                                "type": "string"
                            },
                            "Title": {
                                "type": "string"
                            },
                            "PrincipalType": {
                                "type": "integer"
                            },
                            "AllowMembersEditMembership": {
                                "type": "boolean"
                            },
                            "AllowRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "AutoAcceptRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "Description": {},
                            "OnlyAllowMembersViewMembership": {
                                "type": "boolean"
                            },
                            "OwnerTitle": {
                                "type": "string"
                            },
                            "RequestToJoinLeaveEmailSetting": {
                                "type": "string"
                            }
                        }
                    },
                    "RoleDefinitionBindings@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "RoleDefinitionBindings": {
                        "type": "array",
                        "items": {
                            "type": "object",
                            "properties": {
                                "odata.type": {
                                    "type": "string"
                                },
                                "odata.id": {
                                    "type": "string"
                                },
                                "odata.editLink": {
                                    "type": "string"
                                },
                                "BasePermissions": {
                                    "type": "object",
                                    "properties": {
                                        "High": {
                                            "type": "string"
                                        },
                                        "Low": {
                                            "type": "string"
                                        }
                                    }
                                },
                                "Description": {
                                    "type": "string"
                                },
                                "Hidden": {
                                    "type": "boolean"
                                },
                                "Id": {
                                    "type": "integer"
                                },
                                "Name": {
                                    "type": "string"
                                },
                                "Order": {
                                    "type": "integer"
                                },
                                "RoleTypeKind": {
                                    "type": "integer"
                                }
                            },
                            "required": [
                                "odata.type",
                                "odata.id",
                                "odata.editLink",
                                "BasePermissions",
                                "Description",
                                "Hidden",
                                "Id",
                                "Name",
                                "Order",
                                "RoleTypeKind"
                            ]
                        }
                    },
                    "PrincipalId": {
                        "type": "integer"
                    }
                },
                "required": [
                    "odata.type",
                    "odata.id",
                    "odata.editLink",
                    "Member@odata.navigationLinkUrl",
                    "Member",
                    "RoleDefinitionBindings@odata.navigationLinkUrl",
                    "RoleDefinitionBindings",
                    "PrincipalId"
                ]
            }
        }
    }
}

For each group, you can get the email and its members with the following uri: 

api/Web/SiteGroups/GetByName('Name_Of_Role_Or_Group')/users?$select=email,Id

Parse the JSON results again with the following schema:

{
    "type": "object",
    "properties": {
        "d": {
            "type": "object",
            "properties": {
                "results": {
                    "type": "array",
                    "items": {
                        "type": "object",
                        "properties": {
                            "__metadata": {
                                "type": "object",
                                "properties": {
                                    "id": {
                                        "type": "string"
                                    },
                                    "uri": {
                                        "type": "string"
                                    },
                                    "type": {
                                        "type": "string"
                                    }
                                }
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "Email": {
                                "type": "string"
                            }
                        },
                        "required": [
                            "__metadata",
                            "Id",
                            "Email"
                        ]
                    }
                }
            }
        }
    }
}

And then save the email to a string array, for example.

I attach a sample in two screenshots.First PartFirst Part

 

Second PartSecond Part

 

Hope it helps!

Ferran

 

 

 

 

 

Did I answer your question? Please consider to mark my post as a solution to help others.
Proud to be a Flownaut!

View solution in original post

6 REPLIES 6
Highlighted
Dual Super User III
Dual Super User III

Re: Getting SharePoint Permissions

Hi @rarroyo1 

 

You can check this out : https://www.youtube.com/watch?v=dIzOAbMjN7g 

 

Hope this Helps!

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

Highlighted
Super User III
Super User III

Re: Getting SharePoint Permissions

hi @rarroyo1 

you can follow this post to see if this is what you need

https://powerusers.microsoft.com/t5/General-Power-Automate/using-Flow-to-grant-access-in-SharePoint/...



Did I answer your question? Please consider to Mark
my post as a solution! to guide others :winking_face:

Proud to be a Flownaut!


If you want you can follow me at www.christianabata.com Quieres contenido en español? Síguenos en Power Automate LA
Highlighted
Helper I
Helper I

Re: Getting SharePoint Permissions

The link you sent was for a powerapp.  I am using Flow.   I believe I need to use the Send HTTP request to SharePoint, but don't know how to form the API request.

Highlighted
Helper I
Helper I

Re: Getting SharePoint Permissions

Nope.  Don't follow.  

Highlighted
Super User III
Super User III

Re: Getting SharePoint Permissions

hi @rarroyo1  by using a PA action is not currently available sorry, you have just HTTP request



Did I answer your question? Please consider to Mark
my post as a solution! to guide others :winking_face:

Proud to be a Flownaut!


If you want you can follow me at www.christianabata.com Quieres contenido en español? Síguenos en Power Automate LA
Highlighted
Super User II
Super User II

Re: Getting SharePoint Permissions

Hello @rarroyo1 

You could use the "Send an Http request to Sharepoint", and use an Uri like this to get the permissions for the site: 

weburl+”/_api/Web/RoleAssignments?$expand=Member,RoleDefinitionBindings”

You will get some results with the groups and their permissions, and will have to parse the results. I attach the schema you should use:

{
    "type": "object",
    "properties": {
        "odata.metadata": {
            "type": "string"
        },
        "value": {
            "type": "array",
            "items": {
                "type": "object",
                "properties": {
                    "odata.type": {
                        "type": "string"
                    },
                    "odata.id": {
                        "type": "string"
                    },
                    "odata.editLink": {
                        "type": "string"
                    },
                    "Member@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "Member": {
                        "type": "object",
                        "properties": {
                            "odata.type": {
                                "type": "string"
                            },
                            "odata.id": {
                                "type": "string"
                            },
                            "odata.editLink": {
                                "type": "string"
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "IsHiddenInUI": {
                                "type": "boolean"
                            },
                            "LoginName": {
                                "type": "string"
                            },
                            "Title": {
                                "type": "string"
                            },
                            "PrincipalType": {
                                "type": "integer"
                            },
                            "AllowMembersEditMembership": {
                                "type": "boolean"
                            },
                            "AllowRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "AutoAcceptRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "Description": {},
                            "OnlyAllowMembersViewMembership": {
                                "type": "boolean"
                            },
                            "OwnerTitle": {
                                "type": "string"
                            },
                            "RequestToJoinLeaveEmailSetting": {
                                "type": "string"
                            }
                        }
                    },
                    "RoleDefinitionBindings@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "RoleDefinitionBindings": {
                        "type": "array",
                        "items": {
                            "type": "object",
                            "properties": {
                                "odata.type": {
                                    "type": "string"
                                },
                                "odata.id": {
                                    "type": "string"
                                },
                                "odata.editLink": {
                                    "type": "string"
                                },
                                "BasePermissions": {
                                    "type": "object",
                                    "properties": {
                                        "High": {
                                            "type": "string"
                                        },
                                        "Low": {
                                            "type": "string"
                                        }
                                    }
                                },
                                "Description": {
                                    "type": "string"
                                },
                                "Hidden": {
                                    "type": "boolean"
                                },
                                "Id": {
                                    "type": "integer"
                                },
                                "Name": {
                                    "type": "string"
                                },
                                "Order": {
                                    "type": "integer"
                                },
                                "RoleTypeKind": {
                                    "type": "integer"
                                }
                            },
                            "required": [
                                "odata.type",
                                "odata.id",
                                "odata.editLink",
                                "BasePermissions",
                                "Description",
                                "Hidden",
                                "Id",
                                "Name",
                                "Order",
                                "RoleTypeKind"
                            ]
                        }
                    },
                    "PrincipalId": {
                        "type": "integer"
                    }
                },
                "required": [
                    "odata.type",
                    "odata.id",
                    "odata.editLink",
                    "Member@odata.navigationLinkUrl",
                    "Member",
                    "RoleDefinitionBindings@odata.navigationLinkUrl",
                    "RoleDefinitionBindings",
                    "PrincipalId"
                ]
            }
        }
    }
}

For each group, you can get the email and its members with the following uri: 

api/Web/SiteGroups/GetByName('Name_Of_Role_Or_Group')/users?$select=email,Id

Parse the JSON results again with the following schema:

{
    "type": "object",
    "properties": {
        "d": {
            "type": "object",
            "properties": {
                "results": {
                    "type": "array",
                    "items": {
                        "type": "object",
                        "properties": {
                            "__metadata": {
                                "type": "object",
                                "properties": {
                                    "id": {
                                        "type": "string"
                                    },
                                    "uri": {
                                        "type": "string"
                                    },
                                    "type": {
                                        "type": "string"
                                    }
                                }
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "Email": {
                                "type": "string"
                            }
                        },
                        "required": [
                            "__metadata",
                            "Id",
                            "Email"
                        ]
                    }
                }
            }
        }
    }
}

And then save the email to a string array, for example.

I attach a sample in two screenshots.First PartFirst Part

 

Second PartSecond Part

 

Hope it helps!

Ferran

 

 

 

 

 

Did I answer your question? Please consider to mark my post as a solution to help others.
Proud to be a Flownaut!

View solution in original post

Helpful resources

Announcements
Power Platform ISV Studio

Power Platform ISV Studio

ISV Studio is designed to become the go-to Power Platform destination for ISV’s to monitor & manage published applications.

Upcoming Events

Experience what’s next for Power Automate

See the latest Power Automate innovations, updates, and demos from the Microsoft Business Applications Launch Event.

Community Conference

Power Platform Community Conference

Find your favorite faces from the community presenting at the Power Platform Community Conference!

Top Solution Authors
Top Kudoed Authors
Users online (8,712)