permission： grant

项目
07/18/2022

命名空间：microsoft.graph

授予用户对由权限表示的链接 [的访问权限][]。

权限

要调用此 API，需要以下权限之一。要了解详细信息，包括如何选择权限的信息，请参阅权限。

权限类型	权限（从最低特权到最高特权）
委派（工作或学校帐户）	Files.ReadWrite、Files.ReadWrite.All、Sites.ReadWrite.All
委派（个人 Microsoft 帐户）	不支持
应用程序	Files.ReadWrite.All、Sites.ReadWrite.All

HTTP 请求

POST /shares/{encoded-sharing-url}/permission/grant

请求标头

名称	说明
Authorization	持有者 {token}。必需。

请求正文

在请求正文中，提供具有以下参数的 JSON 对象。

{
  "recipients": [
    { "@odata.type": "microsoft.graph.driveRecipient" }
  ],
  "roles": [ "read | write"]
}

参数	类型	说明
recipients	collection (driveRecipient)	将接收访问权限的收件人的集合。
角色	集合（字符串）	如果链接是"现有访问"链接，则指定要授予用户的角色。否则，必须与链接的角色匹配。

有关可用角色的列表，请参阅 roles 属性值。

响应

如果成功，此方法在响应200 OK正文中返回响应代码[][]和权限集合。

[成功后][]，将始终在"更新后"结果集返回表示已更新链接的权限。更新的链接可通过存在包含"scope"属性的"link"Facet 来标识。在某些情况下，更新的链接可能与原始链接具有不同的 URL，在这种情况下，应该使用新的 URL。

请参阅错误响应主题，详细了解错误返回方式。

示例

此示例向用户授予 john@contoso.com ryan@external.com 访问共享链接的权限，而无需修改链接的其他现有权限。

请求

POST https://graph.microsoft.com/v1.0/shares/{encoded-sharing-url}/permission/grant
Content-type: application/json

{
  "recipients": [
    {
      "email": "john@contoso.com"
    },
    {
      "email": "ryan@external.com"
    }
  ],
  "roles": ["read"]
}


GraphServiceClient graphClient = new GraphServiceClient( authProvider );

var recipients = new List<DriveRecipient>()
{
    new DriveRecipient
    {
        Email = "john@contoso.com"
    },
    new DriveRecipient
    {
        Email = "ryan@external.com"
    }
};

var roles = new List<String>()
{
    "read"
};

await graphClient.Shares["{sharedDriveItem-id}"].Permission
    .Grant(roles,recipients)
    .Request()
    .PostAsync();

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


const options = {
    authProvider,
};

const client = Client.init(options);

const permission = {
  recipients: [
    {
      email: 'john@contoso.com'
    },
    {
      email: 'ryan@external.com'
    }
  ],
  roles: ['read']
};

await client.api('/shares/{encoded-sharing-url}/permission/grant')
    .post(permission);

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];

NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/shares/{encoded-sharing-url}/permission/grant"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];

NSMutableDictionary *payloadDictionary = [[NSMutableDictionary alloc] init];

NSMutableArray *recipientsList = [[NSMutableArray alloc] init];
MSGraphDriveRecipient *recipients = [[MSGraphDriveRecipient alloc] init];
[recipients setEmail:@"john@contoso.com"];
[recipientsList addObject: recipients];
MSGraphDriveRecipient *recipients = [[MSGraphDriveRecipient alloc] init];
[recipients setEmail:@"ryan@external.com"];
[recipientsList addObject: recipients];
payloadDictionary[@"recipients"] = recipientsList;

NSMutableArray *rolesList = [[NSMutableArray alloc] init];
[rolesList addObject: @"read"];
payloadDictionary[@"roles"] = rolesList;

NSData *data = [NSJSONSerialization dataWithJSONObject:payloadDictionary options:kNilOptions error:&error];
[urlRequest setHTTPBody:data];

MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest 
    completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {

        //Request Completed

}];

[meDataTask execute];

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

LinkedList<DriveRecipient> recipientsList = new LinkedList<DriveRecipient>();
DriveRecipient recipients = new DriveRecipient();
recipients.email = "john@contoso.com";

recipientsList.add(recipients);
DriveRecipient recipients1 = new DriveRecipient();
recipients1.email = "ryan@external.com";

recipientsList.add(recipients1);

LinkedList<String> rolesList = new LinkedList<String>();
rolesList.add("read");

graphClient.shares("{encoded-sharing-url}").permission()
    .grant(PermissionGrantParameterSet
        .newBuilder()
        .withRoles(rolesList)
        .withRecipients(recipientsList)
        .build())
    .buildRequest()
    .post();

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)

requestBody := msgraphsdk.New()
requestBody.SetRecipients( []DriveRecipient {
    msgraphsdk.NewDriveRecipient(),
email := "john@contoso.com"
    SetEmail(&email)
    msgraphsdk.NewDriveRecipient(),
email := "ryan@external.com"
    SetEmail(&email)
}
requestBody.SetRoles( []String {
    "read",
}
sharedDriveItemId := "sharedDriveItem-id"
result, err := graphClient.SharesById(&sharedDriveItemId).Permission().Grant(sharedDriveItem-id).Post(requestBody)

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


Import-Module Microsoft.Graph.Files

$params = @{
    Recipients = @(
        @{
            Email = "john@contoso.com"
        }
        @{
            Email = "ryan@external.com"
        }
    )
    Roles = @(
        "read"
    )
}

Grant-MgSharePermission -SharedDriveItemId $sharedDriveItemId -BodyParameter $params

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

响应

HTTP/1.1 200 OK
Content-type: application/json

{
  "value": [
    {
      "hasPassword": false,
      "id": "5fab944a-47ec-48d0-a9b5-5178a926d00f",
      "link": {
        "preventsDownload": false,
        "scope": "users",
        "type": "view",
        "webUrl": "https://contoso.sharepoint.com/:t:/g/design/EZexPoDjW4dMtKFUfAl6BK4BvIUuss52hLYzihBfx-PD6Q"
      },
      "roles": [
        "read"
      ]
    }
  ]
}

注意： 为了提高可读性，可能缩短了此处显示的响应对象。

如果链接是现有访问链接，将返回表示以下内容的其他权限：

表示已成功授予访问权限的收件人的用户类型权限。可通过 grantedTo 属性的存在来标识 这些属性。
链接类型权限，表示需要发送给无法识别的外部用户才能获得访问权限的邀请。可以通过存在邀请 Facet 来标识它们。这些条目将包含包含邀请 URL 的链接，grantedToIdentities 集合将指示链接应发送到的用户。

HTTP/1.1 200 OK
Content-type: application/json

{
  "value": [
    {
      "hasPassword": false,
      "id": "00000000-0000-0000-0000-000000000000",
      "link": {
        "preventsDownload": false,
        "scope": "existingAccess",
        "type": "view",
        "webUrl": "https://contoso.sharepoint.com/teams/design/shareddocs/Document.docx"
      },
      "roles": [
        "read"
      ]
    },
    {
      "grantedTo": {
        "user": {
          "displayName": "John Smith",
          "email": "john@contoso.com",
          "id": "47aecee2-d061-4730-8ecb-4c61360441ae"
        }
      },
      "id": "aTowIy5mfG1lbWJlcnNoaXB8bGltaXRlZDJAa2xhbW9kYi5vbm1pY3Jvc29mdC5jb20",
      "roles": [
        "read"
      ]
    },
    {
      "grantedToIdentities": [
        {
          "user": {
            "email": "ryan@external.com"
          }
        }
      ],
      "invitation": {
        "signInRequired": true
      },
      "roles": [
        "read"
      ],
      "link": {
        "type": "view",
        "webUrl": "https://contoso.sharepoint.com/:t:/g/teams/design/EZexPoDjW4dMtKFUfAl6BK4Bw_F7gFH63O310A7lDtK0mQ"
      }
    }
  ]
}

注意： 为了提高可读性，可能缩短了此处显示的响应对象。

permission： grant

权限

HTTP 请求

请求标头

请求正文

响应

示例

请求

响应

反馈