列出 accessPackageResourceRoles
本文内容
命名空间:microsoft.graph
重要
Microsoft Graph版本下的 /beta API 可能会发生更改。 不支持在生产应用程序中使用这些 API。 若要确定 API 是否在 v1.0 中可用,请使用 版本 选择器。
在accessPackageCatalog 中检索 accessPackageResource 的accessPackageResourceRole 对象列表。 accessPackageResourceRequest 添加到目录中。 然后,调用方可以使用此角色列表来选择角色,随后创建 accessPackageResourceRoleScope 时需要此角色。
权限
要调用此 API,需要以下权限之一。要了解详细信息,包括如何选择权限的信息,请参阅权限 。
权限类型
权限(从最低特权到最高特权)
委派(工作或学校帐户)
EntitlementManagement.Read.All、EntitlementManagement.ReadWrite.All
委派(个人 Microsoft 帐户)
不支持。
应用程序
EntitlementManagement.Read.All、EntitlementManagement.ReadWrite.All
HTTP 请求
GET /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/accessPackageResourceRoles?$filter=(originSystem+eq+%27{originSystemType}%27+and+accessPackageResource/id+eq+%27{resourceId}%27)&$expand=accessPackageResource
可选的查询参数
此方法使用 OData 查询参数构造响应。 若要了解一般信息,请参阅 OData 查询参数 。
名称
说明
Authorization
Bearer {token}。必需。
请求正文
请勿提供此方法的请求正文。
响应
如果成功,此方法在响应正文中返回 响应代码和 200 OK accessPackageResourceRole 对象集合。
示例
示例 1:检索组的资源的角色
请求
下面展示了示例请求。
GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/15d889df-3eb8-4e9b-bfb4-b1908849aec4/accessPackageResourceRoles?$filter=(originSystem+eq+%27AadGroup%27+and+accessPackageResource/id+eq+%27a35bef72-a8aa-4ca3-af30-f6b2ece7208f%27)&$expand=accessPackageResource
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var accessPackageResourceRoles = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageCatalogs["{accessPackageCatalog-id}"].AccessPackageResourceRoles
.Request()
.Filter("(originSystem eq 'AadGroup' and accessPackageResource/id eq 'a35bef72-a8aa-4ca3-af30-f6b2ece7208f')")
.Expand("accessPackageResource/id%20eq%20'a35bef72-a8aa-4ca3-af30-f6b2ece7208f')")
.GetAsync();
const options = {
authProvider,
};
const client = Client.init(options);
let accessPackageResourceRoles = await client.api('/identityGovernance/entitlementManagement/accessPackageCatalogs/15d889df-3eb8-4e9b-bfb4-b1908849aec4/accessPackageResourceRoles')
.version('beta')
.filter('(originSystem eq \'AadGroup\' and accessPackageResource/id eq \'a35bef72-a8aa-4ca3-af30-f6b2ece7208f\')')
.expand('accessPackageResource/id%20eq%20\'a35bef72-a8aa-4ca3-af30-f6b2ece7208f\')')
.get();
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identityGovernance/entitlementManagement/accessPackageCatalogs/15d889df-3eb8-4e9b-bfb4-b1908849aec4/accessPackageResourceRoles?$filter=(originSystem%20eq%20'AadGroup'%20and%20accessPackageResource/id%20eq%20'a35bef72-a8aa-4ca3-af30-f6b2ece7208f')&$expand=accessPackageResource"]]];
[urlRequest setHTTPMethod:@"GET"];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
NSError *jsonError = nil;
MSCollection *collection = [[MSCollection alloc] initWithData:data error:&jsonError];
MSGraphAccessPackageResourceRole *accessPackageResourceRole = [[MSGraphAccessPackageResourceRole alloc] initWithDictionary:[[collection value] objectAtIndex: 0] error:&nserror];
}];
[meDataTask execute];
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
AccessPackageResourceRoleCollectionPage accessPackageResourceRoles = graphClient.identityGovernance().entitlementManagement().accessPackageCatalogs("15d889df-3eb8-4e9b-bfb4-b1908849aec4").accessPackageResourceRoles()
.buildRequest()
.filter("(originSystem eq 'AadGroup' and accessPackageResource/id eq 'a35bef72-a8aa-4ca3-af30-f6b2ece7208f')")
.expand("accessPackageResource/id%20eq%20'a35bef72-a8aa-4ca3-af30-f6b2ece7208f')")
.get();
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestParameters := &msgraphsdk.AccessPackageResourceRolesRequestBuilderGetQueryParameters{
Filter: "(originSystem%20eq%20'AadGroup'%20and%20accessPackageResource/id%20eq%20'a35bef72-a8aa-4ca3-af30-f6b2ece7208f')",
Expand: "accessPackageResource",
}
options := &msgraphsdk.AccessPackageResourceRolesRequestBuilderGetRequestConfiguration{
QueryParameters: requestParameters,
}
accessPackageCatalogId := "accessPackageCatalog-id"
result, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageCatalogsById(&accessPackageCatalogId).AccessPackageResourceRoles().GetWithRequestConfigurationAndResponseHandler(options, nil)
Import-Module Microsoft.Graph.Identity.Governance
Get-MgEntitlementManagementAccessPackageCatalogAccessPackageResourceRole -AccessPackageCatalogId $accessPackageCatalogId -Filter "(originSystem eq 'AadGroup' and accessPackageResource/id eq 'a35bef72-a8aa-4ca3-af30-f6b2ece7208f')" -ExpandProperty "accessPackageResource"
响应
下面展示了示例响应。
注意: 为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-type: application/json
{
"value": [
{
"id": "id-value",
"displayName": "Member",
"description": "description-value",
"originId": "originId-value",
"originSystem": "originSystem-value"
}
]
}
示例 2:检索 SharePoint Online 网站的资源角色
这是检索资源的角色以获取每个角色的 originId 的示例。 在将 SharePoint Online 网站作为资源添加到目录后,这将使用,因为需要角色的 originId 才能将角色添加到访问包。
请求
下面是一个请求示例,用于检索特定资源 53c71803-a0a8-4777-aecc-075de8ee3991 的角色,该资源具有 SharePointOnline 的 originSystem, 位于目录 beedadfe-01d5-4025-910b-84abb9369997 中 。
GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/beedadfe-01d5-4025-910b-84abb9369997/accessPackageResourceRoles?$filter=(originSystem+eq+%27SharePointOnline%27+and+accessPackageResource/id+eq+%2753c71803-a0a8-4777-aecc-075de8ee3991%27)&$select=displayName,originId
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var accessPackageResourceRoles = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageCatalogs["{accessPackageCatalog-id}"].AccessPackageResourceRoles
.Request()
.Filter("(originSystem eq 'SharePointOnline' and accessPackageResource/id eq '53c71803-a0a8-4777-aecc-075de8ee3991')")
.Select("displayName,originId")
.GetAsync();
const options = {
authProvider,
};
const client = Client.init(options);
let accessPackageResourceRoles = await client.api('/identityGovernance/entitlementManagement/accessPackageCatalogs/beedadfe-01d5-4025-910b-84abb9369997/accessPackageResourceRoles')
.version('beta')
.filter('(originSystem eq \'SharePointOnline\' and accessPackageResource/id eq \'53c71803-a0a8-4777-aecc-075de8ee3991\')')
.select('displayName,originId')
.get();
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identityGovernance/entitlementManagement/accessPackageCatalogs/beedadfe-01d5-4025-910b-84abb9369997/accessPackageResourceRoles?$filter=(originSystem%20eq%20'SharePointOnline'%20and%20accessPackageResource/id%20eq%20'53c71803-a0a8-4777-aecc-075de8ee3991')&$select=displayName,originId"]]];
[urlRequest setHTTPMethod:@"GET"];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
NSError *jsonError = nil;
MSCollection *collection = [[MSCollection alloc] initWithData:data error:&jsonError];
MSGraphAccessPackageResourceRole *accessPackageResourceRole = [[MSGraphAccessPackageResourceRole alloc] initWithDictionary:[[collection value] objectAtIndex: 0] error:&nserror];
}];
[meDataTask execute];
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
AccessPackageResourceRoleCollectionPage accessPackageResourceRoles = graphClient.identityGovernance().entitlementManagement().accessPackageCatalogs("beedadfe-01d5-4025-910b-84abb9369997").accessPackageResourceRoles()
.buildRequest()
.filter("(originSystem eq 'SharePointOnline' and accessPackageResource/id eq '53c71803-a0a8-4777-aecc-075de8ee3991')")
.select("displayName,originId")
.get();
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestParameters := &msgraphsdk.AccessPackageResourceRolesRequestBuilderGetQueryParameters{
Filter: "(originSystem%20eq%20'SharePointOnline'%20and%20accessPackageResource/id%20eq%20'53c71803-a0a8-4777-aecc-075de8ee3991')",
Select: "displayName,originId",
}
options := &msgraphsdk.AccessPackageResourceRolesRequestBuilderGetRequestConfiguration{
QueryParameters: requestParameters,
}
accessPackageCatalogId := "accessPackageCatalog-id"
result, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageCatalogsById(&accessPackageCatalogId).AccessPackageResourceRoles().GetWithRequestConfigurationAndResponseHandler(options, nil)
Import-Module Microsoft.Graph.Identity.Governance
Get-MgEntitlementManagementAccessPackageCatalogAccessPackageResourceRole -AccessPackageCatalogId $accessPackageCatalogId -Filter "(originSystem eq 'SharePointOnline' and accessPackageResource/id eq '53c71803-a0a8-4777-aecc-075de8ee3991')" -Property "displayName,originId"
响应
下面展示了示例响应。 displayName 与网站的 SharePoint Online 视图中显示的相同,而 originId 是由 SharePoint Online 为角色建立的基础标识符。
注意: 为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-type: application/json
{
"value": [
{
"displayName": "Contributors",
"originId": "4"
},
{
"displayName": "Creators",
"originId": "3"
},
{
"displayName": "Viewers",
"originId": "5"
}
]
}