cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
ArnaudB
Helper I
Helper I

Breaking inheritance with Flow/PowerAutomate on a folder

Hello,

 

Trying power automate/Flow, i try to solve an issue.

My goal :

  1. Read an excel table (with student's mail),
  2. Create a folder with name "student mail", for each student, in a folder of a team,
  3. Remove members access,
  4. Grant access to the specific student and me.

The point 3 makes me cry as you can see on the captures. I am a owner of the team.

 

Capture 1 : http://tondamrik.free.fr/img1.png

Capture 2 : http://tondamrik.free.fr/img2.png

 

Probably, i misunderstand something but what ?

 

Thanks for your precious help.

 

1 ACCEPTED SOLUTION

Accepted Solutions

Hi, you are right there is an action 'Stop sharing an item or file' but you can't use a folder as an item for this action.
Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...

View solution in original post

12 REPLIES 12
sudharsan1985
Solution Sage
Solution Sage

Hi, you had mentioned folder. Where is the folder? whether you are mentioning the folders in the SharePoint list or something. Also, the link to the images are broken.
Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...

Hello @sudharsan1985 ,

 

First, thanks four your answer : links are able now.

 

In fact, i want to create a folder in tab "Files" of a channel in Teams. It works but it is shared with all members (students) and i want it shared only with one of them.
But i am not able to change permissions of this new folder.

My goal is to have a flow that creates a folder only shared with a student and me, for each student.

Hope, you'll see what i mean... 😕

Hi @ArnaudB 

The images are working now but I am sorry, I couldn't understand the language. Creating folders in the Files tab of the Teams Channel is nothing but creating the folder in the Teams associated SharePoint site. Before assigning the permissions or removing the permissions, you have to break the inheritance of the permission from the parent.

 

1. Please use the 'Send HTTP...' SharePoint action to break the inheritance and clear all the inherited permissions like shown below

image.png

 2. To find the role definition id, here I find the Contribute permission level id to assign to the user.

image.png

 3. The next step is to find the User's id, by using the action mentioned below. You have to pass the user's claims value to get the ID.

image.png

4Assign the permission to the user using user id and the role definition idimage.png

 

If everything goes well, only you and the student should see the folder. Try it and let us know if you have any issues.

 

 

Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...


@sudharsan1985 wrote:

Hi @ArnaudB 

The images are working now but I am sorry, I couldn't understand the language. Creating folders in the Files tab of the Teams Channel is nothing but creating the folder in the Teams associated SharePoint site. Before assigning the permissions or removing the permissions, you have to break the inheritance of the permission from the parent.

 


I agree with the first point (Folder in Files tab in Teams = folder in SharePoint Site) ;-).
I have just thought that breaking inheritance could be done with the Flow "block" (?) : STOP SHARING A FILE as said in many docs and tutos.

There is here something with i don't figure out / don't understand.

And... thanks a lot to try understand my langage. Sorry.

 

Hi, you are right there is an action 'Stop sharing an item or file' but you can't use a folder as an item for this action.
Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...

Hello @sudharsan1985 !

 

Aaaahh, that's why it doesn't work !
So i may go around  : one folder by student with access for all (inheritance) but each new file in the folder of student XXX is a trigger for stopping sharing this new file and granting specific access. It sounds to me like an acceptable solution. I will try.

 

Thanks for your time and precious advices.

Arnaud.

Hi, if you restrict the folder to yourself and the student, then the files inside the folder will inherit the permission of the folder by default and there is no need to break the inheritance of each file and do the same.
Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...

I understand and i am able (i think) to do it with your advices, but all the teachers around me will not be able except if i use dynamic variables in the script and share it with them... hmmm... I will consider this possibility ;-).

 

Thanks.

Hello @sudharsan1985 

 

If you have time, i would like to have some explanations. I have 2 possibilities.

 

Possibility 1:

  1. The teacher creates an xlsx file with students's email and saves it on his OneDrive Business.
  2. Flow gets O365 teacher's profil...
  3. ... and lists rows in the xlsx file on teacher's drive.
  4. For each loop : CREATE A FOLDER named with students's email (or name from xlsx file);

 

The next step is to break inheritance on the folder and grant edit access to the students. But these actions need to get new folder'ID : i don't know how. On your captures, i can read  : 'list name' in the API REST. What is it please ?

 

Possibility 2 :

  1. The teacher creates manually a folder named DEPOT_DE_TRAVAUX and manually restrict the access (no access for visitors and members) : so, each new folder created in it can be view/edit only by the teacher and the student by inheritance.
  2. The teacher creates an xlsx file with students's email and saves it on his OneDrive Business.
  3. Flow gets O365 teacher's profil... ... and lists rows in the xlsx file on teacher's drive.
  4. For each loop : CREATE A FOLDER named with students's email (or name from xlsx file) Grant access to the student (edit mode).

Once again, i have to get the new folder's ID...

 

fig3.png

 

Your advices are welcome ;-).

Arnaud.

Good evening,

 

I think i have understood :

- the 'Listname' is a SP List in which you have written the name of the folder ? If it's correct, is there a way not to use a SP List ?
This or something like below could be a clue/way ? 

_api/V2.0/drive/root/Documents/{id of the folder}......

- using 'data operations', i got the ID of my new folder i was looking for ;-).

 

Thanks !

 

Hello,

 

I've gone forward
I am able to create one folder per student listed in excel file and grant edit access.

So i have decided to choose a way between the two i mentioned ; the flow must :

- create a folder named 'works' (for example...),

- break inheritance for it,

- create one subfolder per student in it,-

- grant edit access for each folder/student.

 

I am near from the solution, but Break inheritance is the last point i fall.

It seems that the process is too long, and ends by time-out. I had a look in 'result' and i saw : 'bad gateway'.

Could anyone give me a clue about this ?

 

fig4.png

 

Thank you,

Arnaud.

 

I have solved it.

My Uri wal bad formatted.

Now, my flow works !

Thanks.

Helpful resources

Announcements
Power Platform Conf 2022 768x460.jpg

Join us for Microsoft Power Platform Conference

The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.

New Ideas Forum MPA.jpg

A new place to submit your Ideas for Power Automate

Announcing a new way to share your feedback with the Power Automate Team.

MPA Virtual Workshop Carousel 768x460.png

Register for a Free Workshop

Learn to digitize and optimize business processes and connect all your applications to share data in real time.

MPA Licensing.jpg

Ask your licensing questions at the Power Automate AMA!

Join Priya Kodukula and the licensing team, super users and MVPs to find answers to your questions on Power Automate licensing.

Users online (2,532)