group:evaluateDynamicMembership
命名空间:microsoft.graph
重要
Microsoft Graph版本下的 /beta API 可能会发生更改。 不支持在生产应用程序中使用这些 API。 若要确定 API 是否在 v1.0 中可用,请使用 版本 选择器。
评估用户或设备是否为动态组的成员。 会返回成员资格规则以及评估中使用的其他详细信息。 可以通过以下方式完成此操作:
- 评估用户或设备是否是指定动态组的成员。
- 根据用户或设备的 ID 和成员身份规则评估用户或设备是否是动态组的成员。
权限
要调用此 API,需要以下权限之一。要了解详细信息,包括如何选择权限的信息,请参阅权限。
使用成员 ID 和组 ID 评估动态成员身份
| 权限类型 |
权限(从最低特权到最高特权) |
| 委派(工作或学校帐户) |
对于用户:Group.Read.All 和 User.Read.All、Directory.Read.All
对于设备:Group.Read.All 和 Device.Read.All、Directory.Read.All |
| 委派(个人 Microsoft 帐户) |
不支持。 |
| 应用程序 |
不支持。 |
使用成员 ID 和成员身份规则评估动态成员身份
| 权限类型 |
权限(从最低特权到最高特权) |
| 委派(工作或学校帐户) |
对于用户:User.Read.All、Directory.Read.All
对于设备:Device.Read.All、Directory.Read.All |
| 委派(个人 Microsoft 帐户) |
不支持。 |
| 应用程序 |
不支持。 |
HTTP 请求
POST /groups/{id}/evaluateDynamicMembership
POST /groups/evaluateDynamicMembership
| 名称 |
说明 |
| Authorization |
持有者 {token} |
| Content-type |
application/json |
请求正文
在请求正文中,提供所需的属性。
下表列出了评估组成员身份时所需的属性。
| 参数 |
类型 |
说明 |
| memberId |
String collection |
memberId 是要评估的用户或设备的对象 ID。 |
| membershipRule |
String collection |
用于成员资格评估的规则。 如果未提供此属性,则会评估现有组的规则。 如果提供了此属性,则会评估用户或设备是否可以加入具有相同规则的组。 有关详细信息,请参阅 Azure Active Directory 中的组动态成员资格规则。 |
响应
如果成功,此方法将返回 200 OK 响应代码和 evaluateDynamicMembershipResult 对象。
示例
示例 1:评估用户或设备是否是现有组的成员
请求
下面展示了示例请求。
POST https://graph.microsoft.com/beta/groups/{id}/evaluateDynamicMembership
Content-type: application/json
{
"memberId": "319b41e8-d9e4-42f8-bdc9-741113f48b33"
}
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var memberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33";
await graphClient.Groups["{group-id}"]
.EvaluateDynamicMembership(memberId)
.Request()
.PostAsync();
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var memberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33";
await graphClient.Groups["{group-id}"]
.EvaluateDynamicMembership(memberId)
.Request()
.PostAsync();
const options = {
authProvider,
};
const client = Client.init(options);
const evaluateDynamicMembershipResult = {
memberId: '319b41e8-d9e4-42f8-bdc9-741113f48b33'
};
await client.api('/groups/{id}/evaluateDynamicMembership')
.version('beta')
.post(evaluateDynamicMembershipResult);
const options = {
authProvider,
};
const client = Client.init(options);
const evaluateDynamicMembershipResult = {
memberId: '319b41e8-d9e4-42f8-bdc9-741113f48b33'
};
await client.api('/groups/{id}/evaluateDynamicMembership')
.version('beta')
.post(evaluateDynamicMembershipResult);
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/groups/{id}/evaluateDynamicMembership"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
NSMutableDictionary *payloadDictionary = [[NSMutableDictionary alloc] init];
NSString *memberId = @"319b41e8-d9e4-42f8-bdc9-741113f48b33";
payloadDictionary[@"memberId"] = memberId;
NSData *data = [NSJSONSerialization dataWithJSONObject:payloadDictionary options:kNilOptions error:&error];
[urlRequest setHTTPBody:data];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/groups/{id}/evaluateDynamicMembership"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
NSMutableDictionary *payloadDictionary = [[NSMutableDictionary alloc] init];
NSString *memberId = @"319b41e8-d9e4-42f8-bdc9-741113f48b33";
payloadDictionary[@"memberId"] = memberId;
NSData *data = [NSJSONSerialization dataWithJSONObject:payloadDictionary options:kNilOptions error:&error];
[urlRequest setHTTPBody:data];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
String memberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33";
graphClient.groups("{id}")
.evaluateDynamicMembership(GroupEvaluateDynamicMembershipParameterSet
.newBuilder()
.withMemberId(memberId)
.build())
.buildRequest()
.post();
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
String memberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33";
graphClient.groups("{id}")
.evaluateDynamicMembership(GroupEvaluateDynamicMembershipParameterSet
.newBuilder()
.withMemberId(memberId)
.build())
.buildRequest()
.post();
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.NewMemberIdRequestBody()
memberId := "319b41e8-d9e4-42f8-bdc9-741113f48b33"
requestBody.SetMemberId(&memberId)
groupId := "group-id"
result, err := graphClient.GroupsById(&groupId).EvaluateDynamicMembership(group-id).Post(requestBody)
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.NewMemberIdRequestBody()
memberId := "319b41e8-d9e4-42f8-bdc9-741113f48b33"
requestBody.SetMemberId(&memberId)
groupId := "group-id"
result, err := graphClient.GroupsById(&groupId).EvaluateDynamicMembership(group-id).Post(requestBody)
Import-Module Microsoft.Graph.Groups
$params = @{
MemberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33"
}
Test-MgGroupDynamicMembership -GroupId $groupId -BodyParameter $params
Import-Module Microsoft.Graph.Groups
$params = @{
MemberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33"
}
Test-MgGroupDynamicMembership -GroupId $groupId -BodyParameter $params
响应
下面展示了示例响应。
HTTP/1.1 200 OK
Content-type: application/json
{
"membershipRule": "(user.displayName -startsWith \"EndTestUser\")",
"membershipRuleEvaluationResult": true,
"membershipRuleEvaluationDetails": {
"expressionResult": true,
"expression": "user.displayName -startsWith \"EndTestUser\"",
"propertyToEvaluate": {
"propertyName": "displayName",
"propertyValue": "EndTestUser001"
}
}
}
示例 2:根据成员身份规则评估用户或设备是否为组的成员
请求
下面展示了示例请求。
POST https://graph.microsoft.com/beta/groups/evaluateDynamicMembership
Content-type: application/json
{
"memberId": "319b41e8-d9e4-42f8-bdc9-741113f48b33",
"membershipRule": "(user.displayName -startsWith \"EndTestUser\")"
}
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var memberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33";
var membershipRule = "(user.displayName -startsWith \"EndTestUser\")";
await graphClient.Groups
.EvaluateDynamicMembership(memberId,membershipRule)
.Request()
.PostAsync();
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var memberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33";
var membershipRule = "(user.displayName -startsWith \"EndTestUser\")";
await graphClient.Groups
.EvaluateDynamicMembership(memberId,membershipRule)
.Request()
.PostAsync();
const options = {
authProvider,
};
const client = Client.init(options);
const evaluateDynamicMembershipResult = {
memberId: '319b41e8-d9e4-42f8-bdc9-741113f48b33',
membershipRule: '(user.displayName -startsWith \"EndTestUser\")'
};
await client.api('/groups/evaluateDynamicMembership')
.version('beta')
.post(evaluateDynamicMembershipResult);
const options = {
authProvider,
};
const client = Client.init(options);
const evaluateDynamicMembershipResult = {
memberId: '319b41e8-d9e4-42f8-bdc9-741113f48b33',
membershipRule: '(user.displayName -startsWith \"EndTestUser\")'
};
await client.api('/groups/evaluateDynamicMembership')
.version('beta')
.post(evaluateDynamicMembershipResult);
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/groups/evaluateDynamicMembership"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
NSMutableDictionary *payloadDictionary = [[NSMutableDictionary alloc] init];
NSString *memberId = @"319b41e8-d9e4-42f8-bdc9-741113f48b33";
payloadDictionary[@"memberId"] = memberId;
NSString *membershipRule = @"(user.displayName -startsWith "EndTestUser")";
payloadDictionary[@"membershipRule"] = membershipRule;
NSData *data = [NSJSONSerialization dataWithJSONObject:payloadDictionary options:kNilOptions error:&error];
[urlRequest setHTTPBody:data];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/groups/evaluateDynamicMembership"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
NSMutableDictionary *payloadDictionary = [[NSMutableDictionary alloc] init];
NSString *memberId = @"319b41e8-d9e4-42f8-bdc9-741113f48b33";
payloadDictionary[@"memberId"] = memberId;
NSString *membershipRule = @"(user.displayName -startsWith "EndTestUser")";
payloadDictionary[@"membershipRule"] = membershipRule;
NSData *data = [NSJSONSerialization dataWithJSONObject:payloadDictionary options:kNilOptions error:&error];
[urlRequest setHTTPBody:data];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
String memberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33";
String membershipRule = "(user.displayName -startsWith "EndTestUser")";
graphClient.groups()
.evaluateDynamicMembership(GroupEvaluateDynamicMembershipParameterSet
.newBuilder()
.withMemberId(memberId)
.withMembershipRule(membershipRule)
.build())
.buildRequest()
.post();
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
String memberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33";
String membershipRule = "(user.displayName -startsWith "EndTestUser")";
graphClient.groups()
.evaluateDynamicMembership(GroupEvaluateDynamicMembershipParameterSet
.newBuilder()
.withMemberId(memberId)
.withMembershipRule(membershipRule)
.build())
.buildRequest()
.post();
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.New()
memberId := "319b41e8-d9e4-42f8-bdc9-741113f48b33"
requestBody.SetMemberId(&memberId)
membershipRule := "(user.displayName -startsWith "EndTestUser")"
requestBody.SetMembershipRule(&membershipRule)
result, err := graphClient.Groups().EvaluateDynamicMembership().Post(requestBody)
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.New()
memberId := "319b41e8-d9e4-42f8-bdc9-741113f48b33"
requestBody.SetMemberId(&memberId)
membershipRule := "(user.displayName -startsWith "EndTestUser")"
requestBody.SetMembershipRule(&membershipRule)
result, err := graphClient.Groups().EvaluateDynamicMembership().Post(requestBody)
Import-Module Microsoft.Graph.Groups
$params = @{
MemberId = "319b41e8-d9e4-42f8-bdc9-741113f48b33"
MembershipRule = "(user.displayName -startsWith "EndTestUser")"
}
Test-MgGroupDynamicMembershipRule -BodyParameter $params
响应
下面展示了示例响应。
HTTP/1.1 200 OK
Content-type: application/json
{
"membershipRule": "(user.displayName -startsWith \"EndTestUser\")",
"membershipRuleEvaluationResult": true,
"membershipRuleEvaluationDetails": {
"expressionResult": true,
"expression": "user.displayName -startsWith \"EndTestUser\"",
"propertyToEvaluate": {
"propertyName": "displayName",
"propertyValue": "EndTestUser001"
}
}
}