cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
ArnaudB
Helper I
Helper I

Breaking inheritance with Flow/PowerAutomate on a folder

Hello,

 

Trying power automate/Flow, i try to solve an issue.

My goal :

  1. Read an excel table (with student's mail),
  2. Create a folder with name "student mail", for each student, in a folder of a team,
  3. Remove members access,
  4. Grant access to the specific student and me.

The point 3 makes me cry as you can see on the captures. I am a owner of the team.

 

Capture 1 : http://tondamrik.free.fr/img1.png

Capture 2 : http://tondamrik.free.fr/img2.png

 

Probably, i misunderstand something but what ?

 

Thanks for your precious help.

 

1 ACCEPTED SOLUTION

Accepted Solutions

Hi, you are right there is an action 'Stop sharing an item or file' but you can't use a folder as an item for this action.
Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...

View solution in original post

12 REPLIES 12
sudharsan1985
Solution Sage
Solution Sage

Hi, you had mentioned folder. Where is the folder? whether you are mentioning the folders in the SharePoint list or something. Also, the link to the images are broken.
Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...

Hello @sudharsan1985 ,

 

First, thanks four your answer : links are able now.

 

In fact, i want to create a folder in tab "Files" of a channel in Teams. It works but it is shared with all members (students) and i want it shared only with one of them.
But i am not able to change permissions of this new folder.

My goal is to have a flow that creates a folder only shared with a student and me, for each student.

Hope, you'll see what i mean... 😕

Hi @ArnaudB 

The images are working now but I am sorry, I couldn't understand the language. Creating folders in the Files tab of the Teams Channel is nothing but creating the folder in the Teams associated SharePoint site. Before assigning the permissions or removing the permissions, you have to break the inheritance of the permission from the parent.

 

1. Please use the 'Send HTTP...' SharePoint action to break the inheritance and clear all the inherited permissions like shown below

image.png

 2. To find the role definition id, here I find the Contribute permission level id to assign to the user.

image.png

 3. The next step is to find the User's id, by using the action mentioned below. You have to pass the user's claims value to get the ID.

image.png

4Assign the permission to the user using user id and the role definition idimage.png

 

If everything goes well, only you and the student should see the folder. Try it and let us know if you have any issues.

 

 

Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...


@sudharsan1985 wrote:

Hi @ArnaudB 

The images are working now but I am sorry, I couldn't understand the language. Creating folders in the Files tab of the Teams Channel is nothing but creating the folder in the Teams associated SharePoint site. Before assigning the permissions or removing the permissions, you have to break the inheritance of the permission from the parent.

 


I agree with the first point (Folder in Files tab in Teams = folder in SharePoint Site) ;-).
I have just thought that breaking inheritance could be done with the Flow "block" (?) : STOP SHARING A FILE as said in many docs and tutos.

There is here something with i don't figure out / don't understand.

And... thanks a lot to try understand my langage. Sorry.

 

Hi, you are right there is an action 'Stop sharing an item or file' but you can't use a folder as an item for this action.
Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...

View solution in original post

Hello @sudharsan1985 !

 

Aaaahh, that's why it doesn't work !
So i may go around  : one folder by student with access for all (inheritance) but each new file in the folder of student XXX is a trigger for stopping sharing this new file and granting specific access. It sounds to me like an acceptable solution. I will try.

 

Thanks for your time and precious advices.

Arnaud.

Hi, if you restrict the folder to yourself and the student, then the files inside the folder will inherit the permission of the folder by default and there is no need to break the inheritance of each file and do the same.
Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...

I understand and i am able (i think) to do it with your advices, but all the teachers around me will not be able except if i use dynamic variables in the script and share it with them... hmmm... I will consider this possibility ;-).

 

Thanks.

Hello @sudharsan1985 

 

If you have time, i would like to have some explanations. I have 2 possibilities.

 

Possibility 1:

  1. The teacher creates an xlsx file with students's email and saves it on his OneDrive Business.
  2. Flow gets O365 teacher's profil...
  3. ... and lists rows in the xlsx file on teacher's drive.
  4. For each loop : CREATE A FOLDER named with students's email (or name from xlsx file);

 

The next step is to break inheritance on the folder and grant edit access to the students. But these actions need to get new folder'ID : i don't know how. On your captures, i can read  : 'list name' in the API REST. What is it please ?

 

Possibility 2 :

  1. The teacher creates manually a folder named DEPOT_DE_TRAVAUX and manually restrict the access (no access for visitors and members) : so, each new folder created in it can be view/edit only by the teacher and the student by inheritance.
  2. The teacher creates an xlsx file with students's email and saves it on his OneDrive Business.
  3. Flow gets O365 teacher's profil... ... and lists rows in the xlsx file on teacher's drive.
  4. For each loop : CREATE A FOLDER named with students's email (or name from xlsx file) Grant access to the student (edit mode).

Once again, i have to get the new folder's ID...

 

fig3.png

 

Your advices are welcome ;-).

Arnaud.

Good evening,

 

I think i have understood :

- the 'Listname' is a SP List in which you have written the name of the folder ? If it's correct, is there a way not to use a SP List ?
This or something like below could be a clue/way ? 

_api/V2.0/drive/root/Documents/{id of the folder}......

- using 'data operations', i got the ID of my new folder i was looking for ;-).

 

Thanks !

 

Hello,

 

I've gone forward
I am able to create one folder per student listed in excel file and grant edit access.

So i have decided to choose a way between the two i mentioned ; the flow must :

- create a folder named 'works' (for example...),

- break inheritance for it,

- create one subfolder per student in it,-

- grant edit access for each folder/student.

 

I am near from the solution, but Break inheritance is the last point i fall.

It seems that the process is too long, and ends by time-out. I had a look in 'result' and i saw : 'bad gateway'.

Could anyone give me a clue about this ?

 

fig4.png

 

Thank you,

Arnaud.

 

I have solved it.

My Uri wal bad formatted.

Now, my flow works !

Thanks.

Helpful resources

Announcements
UG GA Amplification 768x460.png

Launching new user group features

Learn how to create your own user groups today!

Community Connections 768x460.jpg

Community & How To Videos

Check out the new Power Platform Community Connections gallery!

M365 768x460.jpg

Microsoft 365 Collaboration Conference | December 7–9, 2021

Join us, in-person, December 7–9 in Las Vegas, for the largest gathering of the Microsoft community in the world.

Users online (1,766)