Microsoft Graph-为什么需要根网站读取访问权限才能访问另一个网站集中的子网站? [英] Microsoft Graph - Why is root site read access needed to access subsite in another site collection?
问题描述
我正在尝试访问作为嵌套子网站一部分的列表中的项目,如下所示:
I'm trying to access the items of a list that is a part of a nested subsite, like this:
https://{mytenant}.sharepoint.com/
vendorSiteCollection/
vendorAppSite/
vendorList
我的测试用户只有具有vendorAppSite
子站点上的读取权限.我已经从所有其他网站(包括位于https://{mytenant}.sharepoint.com
的root
网站集)删除了读取权限.
My test user has only Read permission on the vendorAppSite
Subsite. I have removed read permissions from all other sites, including the root
site collection at https://{mytenant}.sharepoint.com
.
如果我在浏览器中导航到此处:
If I navigate to here in a browser:
https://{mytenant}.sharepoint.com/sites/{vendorSiteCollection}/{vendorAppSite}/Lists/{vendorList}/AllItems.aspx
然后我按预期看到列表.
Then I see the list, just as expected.
但是,当我在图形资源管理器"中发出此请求时:
However, when I make this request in the Graph Explorer:
https://graph.microsoft.com/v1.0/sites/root:/sites/{vendorSiteCollection}/{vendorAppSite}:/lists/{vendorList}?$expand=items($expand=fields)
我收到了403禁止回复:
I get a 403 forbidden response:
{
"error": {
"code": "accessDenied",
"message": "The caller does not have permission to perform the action.",
"innerError": {
"request-id": "15e2087d-8ae5-46e3-abee-4ab165629dfb",
"date": "2018-04-05T12:08:16"
}
}
}
我希望能够通过API读取列表项,就像我可以在SharePoint Online UI中看到列表项一样.
I would have expected to be able to read the list items via the API just like I can see the list items in the SharePoint Online UI.
这样设置权限级别后,如何使用Microsoft Graph API读取项目?
How can I use the Microsoft Graph API to read the items when the permission levels are set like this?
旁注:当测试用户对https://{mytenant}.sharepoint.com
上的root
网站集具有读取权限时,该API将按预期工作.但是,由于我们不希望用户具有对root
网站集的读取访问权限,因此此变通方法对我们不起作用.
Side note: When the test user has Read permission on the root
site collection at https://{mytenant}.sharepoint.com
, the API works as expected. But this workaround doesn't work for us since we don't want our users to have read access to the root
site collection.
推荐答案
此问题似乎已在MS Graph中修复.
This issue seems to be fixed in the MS Graph.
这篇关于Microsoft Graph-为什么需要根网站读取访问权限才能访问另一个网站集中的子网站?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!