Forum Discussion
Error resetting last modified date
Alexander72 Can you try using AllSites.FullControl permissions & see if it works for this scenario?
-
Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily. It also closes the item. If the post was useful in other ways, please consider giving it Like.
- Alexander72Aug 26, 2022Copper ContributorAllSites.FullControl solves the problem, but in my opinion it is a bug and may cause security problems! I do not want my application to access everything in SharePoint.
So giving full control permissions is just a work around, which is not suitable from the security perspective.- kalpeshvaghelaAug 26, 2022Steel Contributor
Based on your questions, you are getting a token through interactive login that means you are using Delegated permissions, so even if you have given AllSites.FullControl, your code will always work with permission of user which you are using interactive login.
And still it's also possible to provide access to specific sites using Azure AD App Registration. If security is the concern then you can provide AllSites.FullControl rights for particular site collections only.
Reference Blog: https://devblogs.microsoft.com/microsoft365dev/controlling-app-access-on-specific-sharepoint-site-collections/Hope it will helpful to you and if so then Please mark my response as Best Response & Like to help others in this community
- Alexander72Aug 26, 2022Copper ContributorThis is also a work around, which is not suitable in my case.
My customer has a OneDrive folder for every of his users (about 65K) and also many team sites.
Every SharePoint online site has to be searched for Office files. Every Office file ist to be analyzed for VBA macros and if there are macros without potentially malicious code, they are to be signed.
The last modified date and the editor is to be preserved.
And you need one app to have read/write access to those sites and files.
Modifying file content is possible with AllSites.Modify.
So AllSites.Modify is the way to go. Everything else would be an overkill.
MS has to fix this!