我尝试向 Sharepoint 驱动器文件夹上的现有用户 (Office 365) 授予读取或写入访问权限,但没有成功。
使用 Graph Explorer,URL 如下所示:
https://graph.microsoft.com/v1.0/sites/{site id}/drive/items/{folder id}/permissions
我可以使用
GET
方法获得实际权限,但是使用 POST
方法和此主体,我收到无效请求:
{
"grantedToV2": {
"user": {
"id": "xxxxxxx",
"displayName": "xxx xxx"
}
},
"roles": [
"read"
]
}
我也尝试使用 powershell SDK 和 New-MgDriveItemPermission 但没有成功。
欢迎任何帮助!
为了添加权限,您必须向以下端点发出
POST
请求:
https://graph.microsoft.com/v1.0/sites/{site-id}/drive/items/{folder-id}/invite
正文包含有关邀请请求的所有信息,如下例所示:
{
"requireSignIn": false,
"sendInvitation": false,
"roles": [ "read | write"],
"recipients": [
{
"email": "{email of the user}"
}
],
"message": "string"
}
如果您的请求成功,您将收到以下格式的回复:
Status: 200
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(permission)",
"value": [
{
"@odata.type": "#microsoft.graph.permission",
"id": "<some id>",
"roles": [
"write"
],
"grantedTo": {
"user": {
"email": "<user>@<tenant>.onmicrosoft.com",
"id": "<some id>",
"displayName": "<user's display name>"
}
}
}
]
}
下面我将与您分享创建成功请求后从 Graph Explorer 获取的代码片段:
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var recipients = new List<DriveRecipient>()
{
new DriveRecipient
{
Email = "<user>@<tenant>.onmicrosoft.com"
}
};
var message = "Here's the file that we're collaborating on.";
var requireSignIn = true;
var sendInvitation = true;
var roles = new List<String>()
{
"write"
};
await graphClient.Sites["root"].Drive.Items["<folder-id>"]
.Invite(recipients,requireSignIn,roles,sendInvitation,message,null,null,null)
.Request()
.PostAsync();
我们也为此苦苦挣扎。感谢 @jimas13 的回答,我们找到了正确的 PowerShell 等效代码来使用 GraphAPI 设置 SharePoint 文档库的权限:
$params = @{
recipients = @(
@{
email = '[email protected]'
}
)
message = "Here's the file that we're collaborating on."
requireSignIn = $true
sendInvitation = $false
roles = @('read')
}
Invoke-MgInviteDriveItem -DriveId $drive.Id -DriveItemId $folder.id -BodyParameter $params
$params = @{
Uri = "v1.0/sites/$($site.Id)/drive/items/$($folder.id)/invite"
# Uri = "v1.0//drives/$($drive.Id)/items/$($folder.id)/invite"
Body = @{
requireSignIn = $true
sendInvitation = $false
roles = @('read')
recipients = @(
@{
email = '[email protected]'
}
)
message = 'Granted read permissions on folder'
}
Method = 'POST'
}
Invoke-MgGraphRequest @params
$params = @{
Uri = "v1.0/sites/$($site.Id)/drive/items/$($folder.id)/invite"
# Uri = "v1.0//drives/$($drive.Id)/items/$($folder.id)/invite"
Body = (@{
requireSignIn = $true
sendInvitation = $false
roles = @('read')
recipients = @(
@{
email = '[email protected]'
}
)
message = 'Granted read permissions on folder'
} | ConvertTo-Json)
Method = 'POST'
ContentType = 'application/json'
}
Invoke-MgGraphRequest @params
这 3 个示例是使用 PowerShell 版本
7.4
和 Graph 模块版本 2.16.0
进行测试的