更新 accessReviewInstance
命名空间:microsoft.graph
更新 accessReviewInstance 对象的 属性。 只能更新 审阅者 和 fallbackReviewers 属性,但请求正文中也需要 范围 属性。 只能将审阅者添加到 fallbackReviewers 属性,但不能删除现有的 FallbackReviewers。
若要更新 accessReviewInstance,其 状态 必须是 InProgress。
备注
更新 accessReviewInstance 将仅更新该实例。 父 accessReviewScheduleDefinition 和任何将来 的 accessReviewInstance 对象不会更改。 若要进行适用于所有未来实例的更新,请更新父 accessReviewScheduleDefinition 对象。
权限
要调用此 API,需要以下权限之一。要了解详细信息,包括如何选择权限的信息,请参阅权限。
| 权限类型 |
权限(从最低特权到最高特权) |
| 委派(工作或学校帐户) |
AccessReview.ReadWrite.All |
| 委派(个人 Microsoft 帐户) |
不支持。 |
| 应用 |
AccessReview.ReadWrite.All |
HTTP 请求
PUT /identityGovernance/accessReviews/definitions/{accessReviewScheduleDefinitionId}/instances/{accessReviewInstanceId}
| 名称 |
说明 |
| Authorization |
Bearer {token}。必需。 |
| Content-Type |
application/json. Required. |
请求正文
在请求正文中,仅 提供应更新的属性的值。未包含在请求正文中的现有属性将保留其以前的值或根据对其他属性值的更改重新计算。
下表指定可以更新的属性。
响应
如果成功,此方法在响应正文中返回 200 OK 响应代码和更新的 accessReviewInstance 对象。
尝试删除现有 fallbackReviewers 将返回 409 Conflict 响应代码。
示例
请求
PATCH https://graph.microsoft.com/v1.0/identityGovernance/accessReviews/definitions/5dcfcc88-da88-4252-8629-a0807b4b076d/instances/720b8ee0-cee4-42ac-b164-894c48703acc
Content-Type: application/json
{
"scope": {
"@odata.type": "#microsoft.graph.principalResourceMembershipsScope",
"principalScopes": [
{
"@odata.type": "#microsoft.graph.accessReviewQueryScope",
"query": "/v1.0/users",
"queryType": "MicrosoftGraph"
},
{
"@odata.type": "#microsoft.graph.accessReviewQueryScope",
"query": "/v1.0/groups",
"queryType": "MicrosoftGraph"
}
],
"resourceScopes": [
{
"@odata.type": "#microsoft.graph.accessReviewQueryScope",
"query": "/beta/roleManagement/directory/roleDefinitions/9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3",
"queryType": "MicrosoftGraph"
}
]
},
"reviewers": [
{
"query": "/users/1ed8ac56-4827-4733-8f80-86adc2e67db5",
"queryType": "MicrosoftGraph"
}
],
"fallbackReviewers": [
{
"query": "/users/4562bcc8-c436-4f95-b7c0-4f8ce89dca5e",
"queryType": "MicrosoftGraph"
},
{
"query": "/users/1ed8ac56-4827-4733-8f80-86adc2e67db5",
"queryType": "MicrosoftGraph"
}
]
}
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var accessReviewInstance = new AccessReviewInstance
{
Scope = new PrincipalResourceMembershipsScope
{
PrincipalScopes = new List<AccessReviewScope>()
{
new AccessReviewQueryScope
{
Query = "/v1.0/users",
QueryType = "MicrosoftGraph"
},
new AccessReviewQueryScope
{
Query = "/v1.0/groups",
QueryType = "MicrosoftGraph"
}
},
ResourceScopes = new List<AccessReviewScope>()
{
new AccessReviewQueryScope
{
Query = "/beta/roleManagement/directory/roleDefinitions/9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3",
QueryType = "MicrosoftGraph"
}
}
},
Reviewers = new List<AccessReviewReviewerScope>()
{
new AccessReviewReviewerScope
{
Query = "/users/1ed8ac56-4827-4733-8f80-86adc2e67db5",
QueryType = "MicrosoftGraph"
}
},
FallbackReviewers = new List<AccessReviewReviewerScope>()
{
new AccessReviewReviewerScope
{
Query = "/users/4562bcc8-c436-4f95-b7c0-4f8ce89dca5e",
QueryType = "MicrosoftGraph"
},
new AccessReviewReviewerScope
{
Query = "/users/1ed8ac56-4827-4733-8f80-86adc2e67db5",
QueryType = "MicrosoftGraph"
}
}
};
await graphClient.IdentityGovernance.AccessReviews.Definitions["{accessReviewScheduleDefinition-id}"].Instances["{accessReviewInstance-id}"]
.Request()
.UpdateAsync(accessReviewInstance);
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const accessReviewInstance = {
scope: {
'@odata.type': '#microsoft.graph.principalResourceMembershipsScope',
principalScopes: [
{
'@odata.type': '#microsoft.graph.accessReviewQueryScope',
query: '/v1.0/users',
queryType: 'MicrosoftGraph'
},
{
'@odata.type': '#microsoft.graph.accessReviewQueryScope',
query: '/v1.0/groups',
queryType: 'MicrosoftGraph'
}
],
resourceScopes: [
{
'@odata.type': '#microsoft.graph.accessReviewQueryScope',
query: '/beta/roleManagement/directory/roleDefinitions/9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3',
queryType: 'MicrosoftGraph'
}
]
},
reviewers: [
{
query: '/users/1ed8ac56-4827-4733-8f80-86adc2e67db5',
queryType: 'MicrosoftGraph'
}
],
fallbackReviewers: [
{
query: '/users/4562bcc8-c436-4f95-b7c0-4f8ce89dca5e',
queryType: 'MicrosoftGraph'
},
{
query: '/users/1ed8ac56-4827-4733-8f80-86adc2e67db5',
queryType: 'MicrosoftGraph'
}
]
};
await client.api('/identityGovernance/accessReviews/definitions/5dcfcc88-da88-4252-8629-a0807b4b076d/instances/720b8ee0-cee4-42ac-b164-894c48703acc')
.update(accessReviewInstance);
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identityGovernance/accessReviews/definitions/5dcfcc88-da88-4252-8629-a0807b4b076d/instances/720b8ee0-cee4-42ac-b164-894c48703acc"]]];
[urlRequest setHTTPMethod:@"PATCH"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
MSGraphAccessReviewInstance *accessReviewInstance = [[MSGraphAccessReviewInstance alloc] init];
MSGraphAccessReviewScope *scope = [[MSGraphAccessReviewScope alloc] init];
NSMutableArray *principalScopesList = [[NSMutableArray alloc] init];
MSGraphAccessReviewScope *principalScopes = [[MSGraphAccessReviewScope alloc] init];
[principalScopes setQuery:@"/v1.0/users"];
[principalScopes setQueryType:@"MicrosoftGraph"];
[principalScopesList addObject: principalScopes];
MSGraphAccessReviewScope *principalScopes = [[MSGraphAccessReviewScope alloc] init];
[principalScopes setQuery:@"/v1.0/groups"];
[principalScopes setQueryType:@"MicrosoftGraph"];
[principalScopesList addObject: principalScopes];
[scope setPrincipalScopes:principalScopesList];
NSMutableArray *resourceScopesList = [[NSMutableArray alloc] init];
MSGraphAccessReviewScope *resourceScopes = [[MSGraphAccessReviewScope alloc] init];
[resourceScopes setQuery:@"/beta/roleManagement/directory/roleDefinitions/9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3"];
[resourceScopes setQueryType:@"MicrosoftGraph"];
[resourceScopesList addObject: resourceScopes];
[scope setResourceScopes:resourceScopesList];
[accessReviewInstance setScope:scope];
NSMutableArray *reviewersList = [[NSMutableArray alloc] init];
MSGraphAccessReviewReviewerScope *reviewers = [[MSGraphAccessReviewReviewerScope alloc] init];
[reviewers setQuery:@"/users/1ed8ac56-4827-4733-8f80-86adc2e67db5"];
[reviewers setQueryType:@"MicrosoftGraph"];
[reviewersList addObject: reviewers];
[accessReviewInstance setReviewers:reviewersList];
NSMutableArray *fallbackReviewersList = [[NSMutableArray alloc] init];
MSGraphAccessReviewReviewerScope *fallbackReviewers = [[MSGraphAccessReviewReviewerScope alloc] init];
[fallbackReviewers setQuery:@"/users/4562bcc8-c436-4f95-b7c0-4f8ce89dca5e"];
[fallbackReviewers setQueryType:@"MicrosoftGraph"];
[fallbackReviewersList addObject: fallbackReviewers];
MSGraphAccessReviewReviewerScope *fallbackReviewers = [[MSGraphAccessReviewReviewerScope alloc] init];
[fallbackReviewers setQuery:@"/users/1ed8ac56-4827-4733-8f80-86adc2e67db5"];
[fallbackReviewers setQueryType:@"MicrosoftGraph"];
[fallbackReviewersList addObject: fallbackReviewers];
[accessReviewInstance setFallbackReviewers:fallbackReviewersList];
NSError *error;
NSData *accessReviewInstanceData = [accessReviewInstance getSerializedDataWithError:&error];
[urlRequest setHTTPBody:accessReviewInstanceData];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
AccessReviewInstance accessReviewInstance = new AccessReviewInstance();
PrincipalResourceMembershipsScope scope = new PrincipalResourceMembershipsScope();
LinkedList<AccessReviewScope> principalScopesList = new LinkedList<AccessReviewScope>();
AccessReviewQueryScope principalScopes = new AccessReviewQueryScope();
principalScopes.query = "/v1.0/users";
principalScopes.queryType = "MicrosoftGraph";
principalScopesList.add(principalScopes);
AccessReviewQueryScope principalScopes1 = new AccessReviewQueryScope();
principalScopes1.query = "/v1.0/groups";
principalScopes1.queryType = "MicrosoftGraph";
principalScopesList.add(principalScopes1);
scope.principalScopes = principalScopesList;
LinkedList<AccessReviewScope> resourceScopesList = new LinkedList<AccessReviewScope>();
AccessReviewQueryScope resourceScopes = new AccessReviewQueryScope();
resourceScopes.query = "/beta/roleManagement/directory/roleDefinitions/9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3";
resourceScopes.queryType = "MicrosoftGraph";
resourceScopesList.add(resourceScopes);
scope.resourceScopes = resourceScopesList;
accessReviewInstance.scope = scope;
LinkedList<AccessReviewReviewerScope> reviewersList = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope reviewers = new AccessReviewReviewerScope();
reviewers.query = "/users/1ed8ac56-4827-4733-8f80-86adc2e67db5";
reviewers.queryType = "MicrosoftGraph";
reviewersList.add(reviewers);
accessReviewInstance.reviewers = reviewersList;
LinkedList<AccessReviewReviewerScope> fallbackReviewersList = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope fallbackReviewers = new AccessReviewReviewerScope();
fallbackReviewers.query = "/users/4562bcc8-c436-4f95-b7c0-4f8ce89dca5e";
fallbackReviewers.queryType = "MicrosoftGraph";
fallbackReviewersList.add(fallbackReviewers);
AccessReviewReviewerScope fallbackReviewers1 = new AccessReviewReviewerScope();
fallbackReviewers1.query = "/users/1ed8ac56-4827-4733-8f80-86adc2e67db5";
fallbackReviewers1.queryType = "MicrosoftGraph";
fallbackReviewersList.add(fallbackReviewers1);
accessReviewInstance.fallbackReviewers = fallbackReviewersList;
graphClient.identityGovernance().accessReviews().definitions("5dcfcc88-da88-4252-8629-a0807b4b076d").instances("720b8ee0-cee4-42ac-b164-894c48703acc")
.buildRequest()
.patch(accessReviewInstance);
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.NewAccessReviewInstance()
scope := msgraphsdk.NewAccessReviewScope()
requestBody.SetScope(scope)
scope.SetAdditionalData(map[string]interface{}{
"@odata.type": "#microsoft.graph.principalResourceMembershipsScope",
"principalScopes": []Object {
}
"resourceScopes": []Object {
}
}
requestBody.SetReviewers( []AccessReviewReviewerScope {
msgraphsdk.NewAccessReviewReviewerScope(),
query := "/users/1ed8ac56-4827-4733-8f80-86adc2e67db5"
SetQuery(&query)
queryType := "MicrosoftGraph"
SetQueryType(&queryType)
}
requestBody.SetFallbackReviewers( []AccessReviewReviewerScope {
msgraphsdk.NewAccessReviewReviewerScope(),
query := "/users/4562bcc8-c436-4f95-b7c0-4f8ce89dca5e"
SetQuery(&query)
queryType := "MicrosoftGraph"
SetQueryType(&queryType)
msgraphsdk.NewAccessReviewReviewerScope(),
query := "/users/1ed8ac56-4827-4733-8f80-86adc2e67db5"
SetQuery(&query)
queryType := "MicrosoftGraph"
SetQueryType(&queryType)
}
accessReviewScheduleDefinitionId := "accessReviewScheduleDefinition-id"
accessReviewInstanceId := "accessReviewInstance-id"
graphClient.IdentityGovernance().AccessReviews().DefinitionsById(&accessReviewScheduleDefinitionId).InstancesById(&accessReviewInstanceId).Patch(requestBody)
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
响应
注意: 为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#identityGovernance/accessReviews/definitions('5dcfcc88-da88-4252-8629-a0807b4b076d')/instances/$entity",
"id": "720b8ee0-cee4-42ac-b164-894c48703acc",
"startDateTime": "2021-12-14T11:15:43.207Z",
"endDateTime": "2021-12-15T11:15:43.207Z",
"status": "InProgress",
"scope": {
"@odata.type": "#microsoft.graph.principalResourceMembershipsScope",
"principalScopes": [
{
"@odata.type": "#microsoft.graph.accessReviewQueryScope",
"query": "/v1.0/users",
"queryType": "MicrosoftGraph",
"queryRoot": null
},
{
"@odata.type": "#microsoft.graph.accessReviewQueryScope",
"query": "/v1.0/groups",
"queryType": "MicrosoftGraph",
"queryRoot": null
}
],
"resourceScopes": [
{
"@odata.type": "#microsoft.graph.accessReviewQueryScope",
"query": "/beta/roleManagement/directory/roleDefinitions/9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3",
"queryType": "MicrosoftGraph",
"queryRoot": null
}
]
},
"reviewers": [
{
"query": "/v1.0/users/4562bcc8-c436-4f95-b7c0-4f8ce89dca5e",
"queryType": "MicrosoftGraph",
"queryRoot": null
}
],
"fallbackReviewers": [
{
"query": "/v1.0/users/4562bcc8-c436-4f95-b7c0-4f8ce89dca5e",
"queryType": "MicrosoftGraph",
"queryRoot": null
},
{
"query": "/v1.0/users/1ed8ac56-4827-4733-8f80-86adc2e67db5",
"queryType": "MicrosoftGraph",
"queryRoot": null
}
]
}