question

09508315 avatar image
0 Votes"
09508315 asked 09508315 commented

I want to use SharePoint REST API to get and operate the permission value of a specific folder in Shared Documents.

I want to use SharePoint REST API to get and operate the permission value of a specific folder in Shared Documents.

The SharePoint REST API docs had a site-wide role permission operation "https: // <servername> / site / _api / web / RoleAssignments", but there is no mention of the specific folder access operation I want to do this time. was.

How do I make an HTTP request to change the permissions on a particular folder?
If you are familiar with this, please answer.

office-sharepoint-onlineoffice-sharepoint-server-developmentsharepoint-devsharepoint-workflow
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

RaytheonXie-MSFT avatar image
0 Votes"
RaytheonXie-MSFT answered 09508315 commented

Hi @09508315 ,
First we need to break role inheritance for the folder.

 function breakRoleInheritanceOfFile() { 
      $.ajax({
             url: siteurl + String.format("/_api/web/GetFolderByServerRelativeUrl('DocumentTest/test999')/ListItemAllFields/breakroleinheritance(true)"),
             type: "POST",
             contentType: "application/json;odata=verbose",
             headers: {
                 "Accept": "application/json;odata=verbose",
                 "X-RequestDigest": $("#__REQUESTDIGEST").val()
             },
             success: onQuerySucceeded,
             error: onQueryFailed
      });   
 }

Remove the current role assignment for the folder

 function remove(){
     $.ajax({
             url: siteurl + String.format("/_api/web/GetFolderByServerRelativeUrl('DocumentTest/test999')/ListItemAllFields/roleassignments/getbyprincipalid(11)"),
             method: "POST",
             headers: {
                    Authorization: "Bearer " + accessToken,
                    "accept": "application/json;odata=verbose",
                    "content-type": "application/json;odata=verbose",
                    "X-HTTP-Method": "DELETE"
             },
             success: onQuerySucceeded,
             error: onQueryFailed
     }); 
 }

Add the new role assignment for the folder

 function add(){
     $.ajax({
             url: siteurl + String.format("/_api/web/GetFolderByServerRelativeUrl('DocumentTest/test999')/ListItemAllFields/roleassignments/addroleassignment(principalid=11,roledefid=1073741829)"),
             method: "POST",
             headers: {
                    Authorization: "Bearer " + accessToken,
                    "accept": "application/json;odata=verbose",
                    "content-type": "application/json;odata=verbose"
             },
             success: onQuerySucceeded,
             error: onQueryFailed
     });     
 }

In order to use this API we need 'FullControl' permissions,So we need get Access Token by app


If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 6
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Mr.RaytheonXie

Thank you for your reply.

It was very helpful for me to write an example request.
I specified a principalID when removing permissions. How can I get this?
How can I get the permission list for a particular folder?
I think it would be convenient if there was a description of the principal ID there.

0 Votes 0 ·

Hi @09508315 ,
We can invoke following REST call in our Browser.

    http://siteurl/_api/web/siteusers

Then we can get the json data of the users in the site. The Id is principalid and the Title is the username.
And the roledefid corresponding permissions :
Full Control: 1073741829
Read: 1073741826
Contribute: 1073741827

0 Votes 0 ·
09508315 avatar image 09508315 RaytheonXie-MSFT ·

Mr.RaytheonXie

Thank you for your additional answers.
Thanks to you, I was able to perform the expected operation safely.
There are three authority IDs, full control, read, and editor. Is this fixed?

0 Votes 0 ·
Show more comments