Retrieving SharePoint site author and permissions through Graph API - sharepoint

I would like to retrieve SharePoint subsites' authors & permissions (public or private, and if private: allowed groups/members), preferably using Graph API.
For Outlook Groups and Teams sites, I can use endpoints /groups/<groupID>, /groups/<groupID>/owners and /groups/<groupID>/members to achieve that, but it seems that there is no equivalent for sites created through the following process:
Load "root site" https://<yourdomain>.sharepoint.com
Click on "Site contents" > "New" > "Subsite"
The only "interesting" Graph API endpoint I found yet, is /sites/root/sites/<siteID>/lists, returning some site metadata (collections of data like "master pages", "designs"...), along with a createdBy structure (containing a user.id property) for each of those collections.
However, using it would look hacky; a "direct" property/structure author or owners would be preferable. Moreover, the /sites/.../lists endpoint is only available in the beta version of the API (does anybody have any info on its release date?), and still, that does not tell me which users are allowed to view the site.
Attempts with other APIs like this one did not provide any closer info to what I need.
Thanks for any piece of advice.

SharePoint has site collections > sites > lists > folders > items. By default each object inherits permissions from its parent, but you can break inheritance at any level. So in order to get a complete picture of the permissions a subsite has, you will need to enumerate every object inside that subsite (lists, folder, items) and check if it inherits permissions from its parent or not. As far as I know Microsoft Graph doesn't expose an API that lets you do this, but you can instead use SharePoint CSOM (client side object model) or SharePoint REST APIs.
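The enumeration this answer describes, sketched as an added example (not code from the answer or from Microsoft): it walks web, lists and items through the SharePoint REST `_api/web` endpoints, selects `HasUniqueRoleAssignments`, and reads `roleassignments` only where inheritance is broken. The site URL, list GUID, principals and the `fetch` callable are assumptions; the sample responses are constructed in the shape returned with `Accept: application/json;odata=nometadata`.

```python
SITE = "https://example.sharepoint.com/sites/hr"   # placeholder subsite URL
SEL = "$select=Id,Title,HasUniqueRoleAssignments"
RA = "roleassignments?$expand=Member,RoleDefinitionBindings"
LIST_ID = "11111111-1111-1111-1111-111111111111"   # constructed list GUID

def grants(fetch, obj_url):
    """Return sorted (principal, role) pairs assigned directly on one object."""
    pairs = []
    for ra in fetch(f"{obj_url}/{RA}")["value"]:
        for role in ra["RoleDefinitionBindings"]:
            pairs.append((ra["Member"]["Title"], role["Name"]))
    return sorted(pairs)

def audit(fetch, site=SITE):
    """Walk web -> lists -> items; report objects that broke inheritance.
    `fetch` (hypothetical) maps a URL to parsed JSON, paging already followed."""
    report = {}
    web = f"{site}/_api/web"
    if fetch(f"{web}?{SEL}")["HasUniqueRoleAssignments"]:
        report["web"] = grants(fetch, web)
    for lst in fetch(f"{web}/lists?{SEL}")["value"]:
        lst_url = f"{web}/lists(guid'{lst['Id']}')"
        if lst["HasUniqueRoleAssignments"]:
            report[f"list:{lst['Title']}"] = grants(fetch, lst_url)
        # Folders and files in a library are list items too, so this covers them.
        for item in fetch(f"{lst_url}/items?{SEL}")["value"]:
            if item["HasUniqueRoleAssignments"]:
                key = f"item:{lst['Title']}/{item['Id']}"
                report[key] = grants(fetch, f"{lst_url}/items({item['Id']})")
    return report

def _ra(principal, role):
    return {"Member": {"Title": principal}, "RoleDefinitionBindings": [{"Name": role}]}

# Constructed sample responses (odata=nometadata shape), keyed by request URL.
_LIST = f"{SITE}/_api/web/lists(guid'{LIST_ID}')"
SAMPLE = {
    f"{SITE}/_api/web?{SEL}": {"Title": "HR", "HasUniqueRoleAssignments": False},
    f"{SITE}/_api/web/lists?{SEL}": {"value": [
        {"Id": LIST_ID, "Title": "Documents", "HasUniqueRoleAssignments": False}]},
    f"{_LIST}/items?{SEL}": {"value": [
        {"Id": 1, "Title": "handbook.docx", "HasUniqueRoleAssignments": False},
        {"Id": 2, "Title": "salaries.xlsx", "HasUniqueRoleAssignments": True}]},
    f"{_LIST}/items(2)/{RA}": {"value": [
        _ra("HR Owners", "Full Control"), _ra("Alice", "Read")]},
}
```

Calling `audit(SAMPLE.__getitem__)` reports only item 2 of "Documents"; every object absent from the report takes its permissions from its nearest ancestor, which for an inheriting subsite is the parent site.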

Related

How to access a document library in a sharepoint online site using MS graph

I am able to access the documents on my one drive with requests like this one:
https://graph.microsoft.com/v1.0/me/drive/root/children
I am able to access a document library of a root sharepoint site of my company with a request like this:
https://graph.microsoft.com/v1.0/drive/root/children
It gives me the contents of the "root" library:
https://<my company>.sharepoint.com/Shared%20Documents
I am not able to access the document library of a SP subsite I created. e.g. this one:
https://<my company>.sharepoint.com/samplesp/Shared%20Documents
How can I access such a document library with MS Graph?
For accessing SharePoint sites and lists check out documentation of the SharePoint API in Microsoft Graph.
Update:
For those who have problems with accessing default Drive (formerly "Documents" library) on a specific SharePoint site using MS Graph API:
You should look into the documentation for accessing files on OneDrive.
As said in the question, this endpoint gives us a list of files on private OneDrive:
.../me/drive/root/children
Drive on SharePoint's sites works in the same way, but instead of me you should provide global Id of the site you want to access (global Id is <hostName>,<siteCollectionId>,<siteId>).
In conclusion: this endpoint gives us a list of files on a specified site's default drive:
.../Sharepoint/sites/<hostName>,<siteCollectionId>,<siteId>/drive/root/children
If you want to access files on a specific list, all you need is the id of the list:
.../Sharepoint/sites/<hostName>,<siteCollectionId>,<siteId>/lists/<listId>/drive/root/children
Now it should be obvious.

How to retrieve data from SharePoint?

I have a web application. When the user clicks on a button in my web application, I'd like to retrieve data from SharePoint on behalf of the user. I have read quite a few articles on SharePoint but I'm still not sure how to proceed. Should I create a provider-hosted SharePoint App and use the SharePoint REST API? Thank you in advance for your help.
You don't need to create a Provider to use the SharePoint Rest Services.
Quoting http://msdn.microsoft.com/en-us/library/office/jj164022(v=office.15).aspx :
One advantage of using REST is that you don’t have to add references to any SharePoint 2013 libraries or client assemblies. Instead, you make HTTP requests to the appropriate endpoints to retrieve or update SharePoint entities, such as webs, lists, and list items. See Get started with the SharePoint 2013 REST service for a thorough introduction to the SharePoint 2013 REST interface and its architecture.
Inside the page you will find videos and code examples that will help you to connect and execute operations.
It's correct. Data in SharePoint is stored in lists or libraries (for files).
You can use the Client Object Model to get data remotely from a SharePoint server (on-premises or Online). The Client Object Model can be used through assemblies (DLL files) or REST services provided by SharePoint. Generally you should know the location of the data you are going to get; that is, as I initially mentioned, the data in SharePoint is stored in lists or libraries, therefore you must know the name of the list or library and, additionally, the site or sub-site where the list or library is.
If the name of the list where the information is stored is "employees" and the site is the HR website, the URL could be formed as follows:
http://spserver.company.com/HR/Employees
For REST services, simply complete the URL of the list you want to see, so that you retrieve the information from the list. If you want to apply filters or sorting, or to retrieve specific columns, you must do it through CAML queries which you add to the REST service call.

Test if a user has access to an item in SharePoint

I have a project where I have a username (but not the password) and need to check if the user can access an item. This must be on the item-level and not the web level since rights may not be inherited.
I am aware of the SPWeb.CheckPermissions but figured it will only test if the user can access the actual spweb.
Thanks
== EDIT ==
I was able to achieve this by doing this
var item = properties.ListItem;
SPUser user = SPContext.Current.Web.EnsureUser(@"domain\logonname");
item.DoesUserHavePermissions(user, SPBasePermissions.OpenItems);
My question remains a bit however. Is this possible to do via the web service api?
With SharePoint 2013 you can use the REST API to query static methods. An interesting method would be the SPUtility.GetPrincipalsInGroup. Of course you can't ask for "has open permission", but you can ask for a specific group. To query a static method refer to: Programming using the SharePoint 2013 REST service, look for the section Specifying static methods and properties as REST service URIs. Of course you would have to call the Web Service with an authenticated user and the group needs to be enabled to be enumerable by all users.

Get Item Level Security using SharePoint WebServices

I am able to get the Permissions associated with a List or a Site using Permissions.GetPermissionCollection (ObjectName, ObjectType). The ObjectType parameter will accept either a Site or a List. Is there any way with the out-of-the-box webservices to get the Permissions associated with a ListItem?
I mean if I have NOT inherited the List permissions and have specified a set of specific permissions to a List Item or a document in a document Library then how can I get the permissions specified?
The answer is the same as for documents. See the question Permission for a SharePoint document using MOSS web services.
You cannot with the out-of-the-box web services but there is a custom web service available for free download and source code.

Program custom permission level

Can I program a custom base permission level? There are many available in SPBasePermissions like
UseRemoteAPIs Use SOAP, WebDAV, or Microsoft Office SharePoint Designer 2007 interfaces to access the Web site.
ViewFormPages View forms, views, and application pages, and enumerate lists.
ViewListItems View items in lists, documents in document libraries, and view Web discussion comments.
However, I want to make a custom one, something like:
EditItemsAssignedToMe + ViewItemsAssignedToMe + view/edit items I created.
Still finding my way out to allow users to view and edit items created by them or assigned to them.
OOTB you don't have the fine-grained control and can only assign a certain set of permissions as defined on technet and this blog article.
However programmatically you can create a new SPRoleDefinition and assign it the appropriate permissions based on the SPBasePermissions enumeration as per this blog article. You might also want to read this short guide on the basics of SPBasePermissions.
If you want to go even further though and emulate the OOTB behaviour with your own custom permission set try Implementing Custom Security Rights in SharePoint.
