Microsoft Graph-为什么需要根网站读取访问权限才能访问另一个网站集中的子网站? [英] Microsoft Graph - Why is root site read access needed to access subsite in another site collection?

查看:98
本文介绍了Microsoft Graph-为什么需要根网站读取访问权限才能访问另一个网站集中的子网站?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试访问作为嵌套子网站一部分的列表中的项目,如下所示:

I'm trying to access the items of a list that is a part of a nested subsite, like this:

https://{mytenant}.sharepoint.com/
    vendorSiteCollection/
        vendorAppSite/
            vendorList

我的测试用户只有具有vendorAppSite子站点上的读取权限.我已经从所有其他网站(包括位于https://{mytenant}.sharepoint.comroot网站集)删除了读取权限.

My test user has only Read permission on the vendorAppSite Subsite. I have removed read permissions from all other sites, including the root site collection at https://{mytenant}.sharepoint.com.

如果我在浏览器中导航到此处:

If I navigate to here in a browser:

https://{mytenant}.sharepoint.com/sites/{vendorSiteCollection}/{vendorAppSite}/Lists/{vendorList}/AllItems.aspx

然后我按预期看到列表.

Then I see the list, just as expected.

但是,当我在图形资源管理器"中发出此请求时:

However, when I make this request in the Graph Explorer:

https://graph.microsoft.com/v1.0/sites/root:/sites/{vendorSiteCollection}/{vendorAppSite}:/lists/{vendorList}?$expand=items($expand=fields)

我收到了403禁止回复:

I get a 403 forbidden response:

{
    "error": {
        "code": "accessDenied",
        "message": "The caller does not have permission to perform the action.",
        "innerError": {
            "request-id": "15e2087d-8ae5-46e3-abee-4ab165629dfb",
            "date": "2018-04-05T12:08:16"
        }
    }
}

我希望能够通过API读取列表项,就像我可以在SharePoint Online UI中看到列表项一样.

I would have expected to be able to read the list items via the API just like I can see the list items in the SharePoint Online UI.

这样设置权限级别后,如何使用Microsoft Graph API读取项目?

How can I use the Microsoft Graph API to read the items when the permission levels are set like this?

旁注:当测试用户对https://{mytenant}.sharepoint.com上的root网站集具有读取权限时,该API将按预期工作.但是,由于我们不希望用户具有对root网站集的读取访问权限,因此此变通方法对我们不起作用.

Side note: When the test user has Read permission on the root site collection at https://{mytenant}.sharepoint.com, the API works as expected. But this workaround doesn't work for us since we don't want our users to have read access to the root site collection.

推荐答案

此问题似乎已在MS Graph中修复.

This issue seems to be fixed in the MS Graph.

这篇关于Microsoft Graph-为什么需要根网站读取访问权限才能访问另一个网站集中的子网站?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆