cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
kukulka
Resolver I
Resolver I

How to revoke permission to specific folder in document library?

Hi,

 

I am fighting with this stuff the whole day yesterday.

 

I have a document library where Azure DevOps create folders. The hierarchy looks like this:

ver. 123-123

|

----- Applications

|

----- Runtime-packages

 

We want to share document library to partners (Partners - Security Group). And we don't want Partners to see Applications folder. But everything need to be available to all our employees.

 

My current flow looks like this:

kukulka_0-1621492818302.png

1. It is triggered by isFolder=true

kukulka_1-1621492975624.png

 

2. Flow receives metadata about folder Applications

kukulka_3-1621493067788.png

 

3. Flow breaks inheritance

kukulka_2-1621493009208.png

 

Please give me a hint how to revoke permission to Applications folder for Partners group?

 

1 ACCEPTED SOLUTION

Accepted Solutions
tom_riha
Super User
Super User

Hello @kukulka ,

I don't know if you can remove just a specific security group, but you could remove all permissions from that folder.

1. Get all users/groups with access

Method: POST

Uri:
_api/web/lists/getByTitle('<LibraryName>')/items(<FolderID>)/roleassignments

2. remove all the groups with access ('Parse JSON' from the step 1 to get the 'PrincipalId' for each)

Method: POST

Uri:
_api/web/lists/getByTitle('<LibraryName>')/items(<FolderID>)/roleassignments(<PrincipalId>)

Headers:
X-HTTP-Method : DELETE

3. 'Grant access to an item or folder' to give back permissions to those who should have it. 



[ If I have answered your question, please Accept the post as a solution. ]
[ If you like my response, please give it a Thumbs Up. ]

[ I also blog about Power Automate solutions even for non-IT people. ]

View solution in original post

2 REPLIES 2
tom_riha
Super User
Super User

Hello @kukulka ,

I don't know if you can remove just a specific security group, but you could remove all permissions from that folder.

1. Get all users/groups with access

Method: POST

Uri:
_api/web/lists/getByTitle('<LibraryName>')/items(<FolderID>)/roleassignments

2. remove all the groups with access ('Parse JSON' from the step 1 to get the 'PrincipalId' for each)

Method: POST

Uri:
_api/web/lists/getByTitle('<LibraryName>')/items(<FolderID>)/roleassignments(<PrincipalId>)

Headers:
X-HTTP-Method : DELETE

3. 'Grant access to an item or folder' to give back permissions to those who should have it. 



[ If I have answered your question, please Accept the post as a solution. ]
[ If you like my response, please give it a Thumbs Up. ]

[ I also blog about Power Automate solutions even for non-IT people. ]

Fantastic workaround. Thanks!

Helpful resources

Announcements
October Events

Mark Your Calendars

So many events happening this month - don't miss out!

 WHAT’S NEXT AT MICROSOFT IGNITE 2022

WHAT’S NEXT AT MICROSOFT IGNITE 2022

Explore the latest innovations, learn from product experts and partners, level up your skillset, and create connections from around the world.

Register for a Free Workshop.png

Register for a Free Workshop

Learn to digitize and optimize business processes and connect all your applications to share data in real time.

Users online (3,395)