Skip to content

Latest commit

 

History

History
201 lines (153 loc) · 7.48 KB

driveitem-list-permissions.md

File metadata and controls

201 lines (153 loc) · 7.48 KB
Raw
author description ms.date title ms.localizationpriority ms.subservice doc_type
spgraph-docs-team
List the effective sharing permissions of on a driveItem.
09/10/2017
List sharing permissions on a driveItem
medium
sharepoint
apiPageType

List sharing permissions on a driveItem

Namespace: microsoft.graph

[!INCLUDE beta-disclaimer]

List the effective sharing permissions on a driveItem.

[!INCLUDE national-cloud-support]

Access to sharing permissions

The permissions collection includes potentially sensitive information and may not be available for every caller.

  • For the owner of the item, all sharing permissions are returned. It includes co-owners.
  • For a non-owner caller, only the sharing permissions that apply to the caller are returned.
  • Sharing permission properties that contain secrets (for example, shareId and webUrl) are only returned for callers that are able to create the sharing permission.

Permissions

Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.

[!INCLUDE permissions-table]

HTTP request

GET /drives/{drive-id}/items/{item-id}/permissions
GET /groups/{group-id}/drive/items/{item-id}/permissions
GET /me/drive/items/{item-id}/permissions
GET /me/drive/root:/{path}:/permissions
GET /sites/{siteId}/drive/items/{itemId}/permissions
GET /users/{userId}/drive/items/{itemId}/permissions

Optional query parameters

This method supports the $select OData Query Parameters to customize the response.

Optional request headers

Name Type Description
if-none-match string If this request header is included and the etag provided matches the current etag on the item, an HTTP 304 Not Modified response is returned.

Response

If successful, this method returns a 200 OK response code and collection of Permission resources in the response body.

Effective sharing permissions of a driveItem can come from two sources:

  • Sharing permissions applied directly on the driveItem itself
  • Sharing permissions inherited from the driveItem's ancestors

Callers can differentiate if the permission is inherited or not by checking the inheritedFrom property. This property is an itemReference resource referencing the ancestor that the permission is inherited from.

Example

This example retrieves the collection of permissions on an item in the signed in user's drive.

HTTP

GET /me/drive/items/{item-id}/permissions

C#

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

CLI

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Go

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Java

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

JavaScript

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PHP

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PowerShell

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Python

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Response

This example response includes three permissions, the first is a sharing link with edit permissions, the second is an explicit permission for a user named John, which was inherited from a parent folder, and the third is a read-write sharing link created by an application.

HTTP/1.1 200 OK
Content-Type: application/json


{
  "value": [
    {
      "id": "1",
      "roles": ["write"],
      "link": {
        "webUrl": "https://onedrive.live.com/redir?resid=5D33DD65C6932946!70859&authkey=!AL7N1QAfSWcjNU8&ithint=folder%2cgif",
        "type": "edit"
      }
    },
    {
      "id": "2",
      "@deprecated.GrantedTo": "GrantedTo has been deprecated. Refer to GrantedToV2",
      "roles": ["write"],
      "grantedTo": {
        "user": {
          "id": "5D33DD65C6932946",
          "displayName": "Robin Danielsen"
        }
      },
      "grantedToV2": {
        "user": {
          "id": "5D33DD65C6932946",
          "displayName": "Robin Danielsen"
        },
        "siteUser": {
          "id": "1",
          "displayName": "Robin Danielsen",
          "loginName": "Robin Danielsen"
        }
      },
      "inheritedFrom": {
        "driveId": "1234567890ABD",
        "id": "1234567890ABC!123",
        "path": "/drive/root:/Documents" }
    },
    {
      "id": "3",
      "roles": ["write"],
      "link": {
        "webUrl": "https://onedrive.live.com/redir?resid=5D33DD65C6932946!70859&authkey=!AL7N1QAfSWcjNU8&ithint=folder%2cgif",
        "type": "edit",
        "application": {
          "id": "12345",
          "displayName": "Contoso Time Manager"
        }
      }
    }
  ]
}

Remarks

The permissions relationship of driveItem can't be expanded as part of a call to get driveItem or a collection of driveItems. You must access the permissions property directly.

Error responses

Read the Error responses topic for more information about how errors are returned.