Jul 18 2018 04:09 PM
Updates to the site script function to add in owners/members solved a challenge I had with permissions in the Flow called by the script:
https://docs.microsoft.com/en-us/sharepoint/dev/declarative-customization/site-design-json-schema
Since the release of the Site Designs and Scripts I've built several custom sites leveraging the options to create libraries, lists and set themes as well as run Flow for additional customisations.
One of the challenges was with using Flow Connectors for SharePoint and O365 Groups because the Flow runs under the account you created it as and not as the user who created the site. In many instances, the site template just needed folders added to a library to provide a consistent structure that requires at least site edit permissions.
The solution I was using leveraged the Graph API to add the Flow account as a Group member/owner to enable the SharePoint connectors to then work but this requires many HTTP calls, Azure App with permissions and lots of JSON parsing.
Now I can use the addPrincipalToGroup action to add the Flow creator account, as below, as an owner:
{
"verb": "addPrincipalToSPGroup", "principal": "SPServiceaccount@mytenant.onmicrosoft.com", /* user */ "group": "Owners" }
This also means that later on if I want to perform site updates this account is already added to the site.
It also solves another problem I had where a Project Management group wanted to be owners of all project sites created. Using this method, when someone picks a project template, I can now add the PMO AD group as owners.
Mar 22 2019 01:47 AM
@Alan Marshall
Thanks for this.
I am using this in my SiteScript:
{
"verb": "addPrincipalToSPGroup",
"principal": "username@domain.tld", /* user */
"group": "Owners"
},
But what happens is:
The user will be added as an owner of the SPO site. But it is not joined to the 'SPOSite - Owners' group, therefore the owner is not able to join the created Team Channel..
Do you have a solution for this?
Thanks!
Niels
Mar 22 2019 04:05 PM