Forum Discussion

StephenRice's avatar
StephenRice
Icon for Microsoft rankMicrosoft
Feb 19, 2020

New OneDrive & SharePoint Feature: Fixing Unhealthy Sharing Links

Hi all,   I wanted to drop by and let interested folks know about a new feature we are rolling out to help users deal with "unhealthy" links! We've seen a few cases recently where a user makes so...
link
Manage Access
OneDrive for Business
Sharing
StephenRice's avatar
StephenRice
Icon for Microsoft rankMicrosoft
Feb 28, 2020

Hi dsmith_icona,

 

This post is the only "documentation" that we have at the moment. The particular case we are covering here occurs when advanced users play with the advanced permissions API's around a file/folder/document library. The short but technical explanation is that a sharing link consists of a link object that is tied to an ACL on the item and when the ACL gets removed (but the link is not), it can cause some pretty broken scenarios. This only occurs if you use lower level permissions API's though as all of our UI for sharing/unsharing files will always clean up both pieces. 

 

Renaming a file wouldn't cause this to occur though so working through this with support is likely your best bet. Thanks!

 

Stephen Rice

Senior Program Manager, OneDrive

jvossers's avatar
jvossers
Copper Contributor
Jul 10, 2020

StephenRice 

 

Hi Stephen,

 

I am working with the SP REST api to programmatically remove individual users from a secure link.

 

I have noticed some odd behaviour when multiple API calls are made in parallel, each trying to remove access for a different user against the same SecureLink.

 

Sometimes this results in a SecureLink turning "unhealthy", showing the red "broken link" warning text in the UI.

 

I am also intermittently (but regularly) seeing scenarios where I am trying to remove user A and B, and even though each request results in a HTTP 200 response (with no error in the response body), it appears as if the removal of user B reinstates user A against the link. Note that this only happens if the API calls are made in parallel. If the same API calls are made in sequence then everything works as expected. To me this suggests there is some sort of concurrency issue on the server side.

 

I am only using the /ListItemAllFields/SecureLink endpoint, using the inviteesToRemove bit in the JSON payload to indicate which user to remove. I am not using any API endpoints that directly manipulate the underlying ACLs.

 

I also think this issue could arise if multiple end users are modifying the same secure link through the browser and they happen to submit their changes at the same time, given that this operation uses the same API endpoints.

 

Let me know if you need me to provide more info or some code to reproduce this issue.

 

Thanks,

 

Jaap

 

 

 

 

 

 

 

  • ThatGutMikeFromIT's avatar
    ThatGutMikeFromIT
    Copper Contributor
    May 18, 2023

    jvossers 

     

    This sounds like exactly what I too am looking for. However I cannot find anywhere that the inviteesToRemove syntax is explained. What call are you using for that?

  • StephenRice's avatar
    StephenRice
    Icon for Microsoft rankMicrosoft
    Jul 10, 2020

    Hi jvossers,

     

    We don't currently support making sharing API calls to the same object in parallel. We recommend sequential calls when you need to perform multiple operations on the same link. Thanks!

     

    Stephen Rice

    Senior Program Manager, OneDrive

Resources