Forum Discussion

YathishGowda's avatar
YathishGowda
Copper Contributor
Mar 30, 2023

How to get the list of users who has "Can view" access and "Can edit" access using a shared link?

How to get the list of users who has "Can view" access and "Can edit" access using a shared link in sharepoint? I tried with the below URi and getting all the users who has access to a folder but not able to differentiate which user has "Can view" access and which user has "Can edit" access..appreciate anyone's inputs

 

_api/web/lists/getbytitle('Documents')/items(1)?$expand=RoleAssignments/Member/Users,RoleAssignments/RoleDefinitionBindings

SharePoint Online

1 Reply

  • NicolasKheirallah's avatar
    NicolasKheirallah
    MVP
    Apr 04, 2023

    YathishGowda 

     

    One possible way to get the list of users who has "Can view" access and "Can edit" access using a shared link in SharePoint is to use the REST API endpoint: _api/web/GetFileByServerRelativeUrl('/Shared Documents/foldername')/ListItemAllFields/RoleAssignments.

     

    This endpoint returns the role assignments for the file or folder specified by the server relative URL. Each role assignment has a Member and a RoleDefinitionBindings property.

     

    The Member property contains the user or group information, such as Id, Title, LoginName, etc.

     

    The RoleDefinitionBindings property contains an array of role definitions, such as Full Control, Edit, View Only, etc. So By iterating through the role assignments and checking the role definitions, you can differentiate which user has "Can view" access and which user has "Can edit" access.

     

     

     

    Here is an example of how to use this endpoint in PowerShell:

# Specify the site URL and the folder URL
$SiteURL = "https://contoso.sharepoint.com/sites/demo"
$FolderURL = "/sites/demo/Shared Documents/foldername"

# Get credentials and connect to SharePoint Online
$Cred = Get-Credential
Connect-PnPOnline -Url $SiteURL -Credentials $Cred

# Invoke the REST API endpoint
$Response = Invoke-PnPSPRestMethod -Method Get -Url "_api/web/GetFileByServerRelativeUrl('$FolderURL')/ListItemAllFields/RoleAssignments"

# Parse the JSON response
$Data = $Response | ConvertFrom-Json

# Loop through the role assignments
foreach ($RoleAssignment in $Data.value) {

# Get the user or group information
$Member = $RoleAssignment.Member
Write-Host "User/Group: $($Member.Title)"

# Get the role definitions
$RoleDefinitions = $RoleAssignment.RoleDefinitionBindings.results

# Check if the user or group has "Can view" access
if ($RoleDefinitions.Name -contains "View Only") {
Write-Host "Access: Can view"
}

# Check if the user or group has "Can edit" access
if ($RoleDefinitions.Name -contains "Edit") {
Write-Host "Access: Can edit"
}

Write-Host ""
}

     

Resources