While posting request to microsoft graph:
POST 'https://graph.microsoft.com/v1.0/me/drive/root:/017_2018-08-12_18.47.27.jpg:/createLink'
content-type': 'application/json
{
"type": "embed"
}
I am only getting
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#permission",
"#odata.type": "#microsoft.graph.permission",
"id": "5o98ENjWYH2pNK8wO5_d7QHUrdk",
"roles": ["read"],
"shareId": "s!AgDP2w-bgvZL****evpaN2yel",
"link": {
"type": "embed",
"webUrl": "https://onedrive.live.com/embed?resid=4B****U"
But according to documentation, I should also get WebHtml with Iframe link not only webUrl, and this is what I am looking for so I can generate links for photos, and put them on website.
Am I doing something wrong or is there any way around so I can get same embed url that I can generate from manualy clicking in onedrive?
I'm using personal one drive account.
Trying this out on the graph explorer does not work on the v1.0 endpoint for me. However using the beta endpoint does indeed return the webHtml property like as follows
Essentially what you would need to do is change the v1.0 segment in the url to beta.
POST 'https://graph.microsoft.com/beta/me/drive/root:/017_2018-08-12_18.47.27.jpg:/createLink'
content-type': 'application/json
{
"type": "embed"
}
And you should get back something like this
{
"#odata.context": "https://graph.microsoft.com/beta/$metadata#permission",
"#odata.type": "#microsoft.graph.permission",
"id": "p6z1ZAtRqKFwqHNVfaa6mPFQIyI",
"roles": [
"read"
],
"shareId": "s!AorKRTkoJljsixZbAANWreQhS7gk",
"expirationDateTime": "0001-01-01T00:00:00Z",
"hasPassword": false,
"link": {
"type": "embed",
"webUrl": "https://onedrive.live.com/embed?resid=EC5826283945CA8A%211430&authkey=!AFsAA1at5CFLuCQ",
"webHtml": "<iframe src=\"https://onedrive.live.com/embed?resid=EC5826283945CA8A%211430&authkey=!AFsAA1at5CFLuCQ\" width=\"98\" height=\"120\" frameborder=\"0\" scrolling=\"no\"></iframe>"
}
}
Related
I've been trying to search within a specific DriveItem folder but I've been having some troubles. First of all, despite the API stating that "You can search within a folder hierarchy, a whole drive, or files shared with the current user.", I haven't found any documentation supporting this. I have found this stackoverflow reply that describes how to do it. Unfortunately, it doesn't to be working very well.
Since I don't know how sensitive IDs are, I'll be redacting them in my examples.
https://graph.microsoft.com/v1.0/me/drive/items/<id_parent_folder>/children?select=name
This request returns all files inside the folder I want to search and it does list everything inside the folder. The response is something like:
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#users('<id_user>')/drive/items('<id_parent_folder>')/children(name)",
"value": [
{
"#odata.etag": "\"{redacted1},1\"",
"name": "automation_csv.csv"
},
{
"#odata.etag": "\"{redacted2},1\"",
"name": "HOSPITAIS_PT.cpg"
},
{
"#odata.etag": "\"{redacted3},1\"",
"name": "HOSPITAIS_PT.dbf"
},
{
"#odata.etag": "\"{redacted4},1\"",
"name": "HOSPITAIS_PT.prj"
},
{
"#odata.etag": "\"{redacted5},1\"",
"name": "HOSPITAIS_PT.qpj"
},
{
"#odata.etag": "\"{redacted6},1\"",
"name": "HOSPITAIS_PT.shp"
},
{
"#odata.etag": "\"{redacted7},1\"",
"name": "HOSPITAIS_PT.shx"
}
]
}
However, when searching inside the folder I only get the CSV file....
https://graph.microsoft.com/v1.0/me/drive/items/<id_parent_folder>/search(q='')?select=name
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(driveItem)",
"value": [
{
"#odata.type": "#microsoft.graph.driveItem",
"name": "<name_parent_folder>"
},
{
"#odata.type": "#microsoft.graph.driveItem",
"name": "automation_csv.csv"
}
]
}
Searching for any other file name produces no results.
Is this a bug or a feature? Is there another endpoint that allows me to search all files inside a folder?
EDIT: changed the "beta" endpoint to "v1.0", though they produce the same results. Just don't want to create the assumption that it only happens in the beta endpoint.
Use the Microsoft Query API to search instead of using q search parameter.
See https://learn.microsoft.com/en-us/graph/api/resources/search-api-overview?view=graph-rest-beta
So I've been trying to get email addresses of people that have access to certain files in a Sharepoint document library of a site through the use of the Microsoft Graph API. Below is an example of how my permission object looks like, which is retrieved from https://graph.microsoft.com/v1.0/sites/<site id>/drives/<drive id>/items/<item id>/permissions.
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#sites('...')/drives('...')/items('...')/permissions",
"value": [
{
"id": "...",
"roles": ["owner"],
"grantedTo": { "user": { "displayName": "testsite - Eigenaars" } },
"inheritedFrom": {}
},
{
"id": "...",
"roles": ["read"],
"grantedTo": { "user": {"displayName": "testsite - Bezoekers"} },
"inheritedFrom": {}
},
{
"id": "...",
"roles": ["write"],
"grantedTo": { "user": { "displayName": "testsite - Leden" } },
"inheritedFrom": {}
},
{
"id": "...",
"roles": [
"write"
],
"grantedToV2": {
"siteGroup": {
"displayName": "Developers",
"id": "120",
"loginName": "Developers"
}
},
"grantedTo": {
"user": {
"displayName": "Developers"
}
},
"inheritedFrom": {}
},
{
"id": "...",
"roles": ["owner"],
"grantedTo": {
"user": {
"email": "testsite#mysharepoint",
"id": "uuid",
"displayName": "testsite - Eigenaars"
}
},
"inheritedFrom": {}
}
]
}
I assume the testsite in the displayName property is a group name (probably the group that belongs to the site the file resides in), but I have seen cases where I can't find this group name in the groups retrieved from the /groups endpoint in the Graph API.
You can also see the group Developers, which I haven't managed to find in the full group list retrieved from /groups.
The documentation around this is quite vague and unclear to me. Somewhere I read that this lack of data could be due to authentication scopes, but I have "god mode" administrator rights in this Sharepoint environment, so that would seem strange to me.
My main goal is to be able to get all users that have access to a specific file.
Thanks in advance!
1. I assume the testsite in the displayName property is a group name, but I have seen cases where I can't find this group name in the groups retrieved from the /groups endpoint in the Graph API.
This is because as per Drive Item Permission >> Identity Set >> Identity resource type Quoting
The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using
This can explain why sometimes you don't see the group name in your groups.
I suggest you use the id.
2. My main goal is to be able to get all users that have access to a specific file.
Do you have any users that appear on the Has Access section of the drive item on sharepoint? For users you should be able to get permissions and use the ids to Get directoryObject using the id values from grantedToIdentitiesV2 or grantedToV2 which will return odate type.
GET https://graph.microsoft.com/v1.0/directoryObjects/{id}?$select=id
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects(id)/$entity",
"#odata.type": "#microsoft.graph.group or user or application",
"id": "id"
}
For groups, the users would be the members of the group.
I want to be able to have a list of all users who can view a certain mail item. As an admin on the frontend on exchange online, I can view all my users mail, but when i call to the API I only return my mail. I want to be able to make calls to see exactly who has permission to view each mail item, and cannot find a way through the api.
I can get a list of all users, and a list of all mail for each user, a list of all mailboxes, a list of all groups, but not permissions on each mail item
GET /users/{id | userPrincipalName}/messages
returns all the mail, but mail items come with the following structure:
{
"bccRecipients": [{"#odata.type": "microsoft.graph.recipient"}],
"body": {"#odata.type": "microsoft.graph.itemBody"},
"bodyPreview": "string",
"categories": ["string"],
"ccRecipients": [{"#odata.type": "microsoft.graph.recipient"}],
"changeKey": "string",
"conversationId": "string",
"createdDateTime": "String (timestamp)",
"flag": {"#odata.type": "microsoft.graph.followupFlag"},
"from": {"#odata.type": "microsoft.graph.recipient"},
"hasAttachments": true,
"id": "string (identifier)",
"importance": "String",
"inferenceClassification": "String",
"internetMessageHeaders": [{"#odata.type": "microsoft.graph.internetMessageHeader"}],
"internetMessageId": "String",
"isDeliveryReceiptRequested": true,
"isDraft": true,
"isRead": true,
"isReadReceiptRequested": true,
"lastModifiedDateTime": "String (timestamp)",
"parentFolderId": "string",
"receivedDateTime": "String (timestamp)",
"replyTo": [{"#odata.type": "microsoft.graph.recipient"}],
"sender": {"#odata.type": "microsoft.graph.recipient"},
"sentDateTime": "String (timestamp)",
"subject": "string",
"toRecipients": [{"#odata.type": "microsoft.graph.recipient"}],
"uniqueBody": {"#odata.type": "microsoft.graph.itemBody"},
"webLink": "string",
"attachments": [{"#odata.type": "microsoft.graph.attachment"}],
"extensions": [{"#odata.type": "microsoft.graph.extension"}],
"multiValueExtendedProperties": [{"#odata.type": "microsoft.graph.multiValueLegacyExtendedProperty"}],
"singleValueExtendedProperties": [{"#odata.type": "microsoft.graph.singleValueLegacyExtendedProperty"}]
}
this doesnt contain anything about the full permissions on the item. Does anyone know of a way to get this?
You can't get item level permission as item doesn't store ACL associated with it. You can, however, get Folder level permission by querying PR_NT_SECURITY_DESCRIPTOR (0x0E270102) on the folder.
I actually wrote script for this based on my old REST API client engine: Start-MailboxFolderPermissionReport
I can, if script isn't enough, write C# way of doing it through Graph Managed API
There doesn't appear to be a way to expose mailbox or folder permissions through the Graph API. These are available through the Exchange Online PowerShell module e.g. Get-MailboxFolderPermission.
I'm observing a change in functionality in Microsoft Graph. When requesting a list of drives from a SharePoint site, I used to see a driveItem attribute that no longer seems to be present as of Nov 14.
The site documentation mentions the relationship to the drives collection.
The drive documentation describes the driveType attribute as:
Describes the type of drive represented by this resource. OneDrive personal drives will return personal. OneDrive for Business will return business. SharePoint document libraries will return documentLibrary. Read-only.
Here is an example call:
https://graph.microsoft.com/v1.0/sites/{site-id}/drives
Response:
client-request-id →d822c749-baf6-4857-abd9-6d80f70823d9
request-id →d822c749-baf6-4857-abd9-6d80f70823d9
x-ms-ags-diagnostic →{"ServerInfo":{"DataCenter":"EastUS","Slice":"SliceB","Ring":"NA","ScaleUnit":"003","Host":"AGSFE_IN_28","ADSiteName":"EST"}}
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#drives",
"value": [
{
"createdBy": {
"user": {
"displayName": "System Account"
}
},
"createdDateTime": "2015-05-22T17:21:01Z",
"description": "This system library was created by the PointPublishing feature to store application pages.",
"id": "b!a4YqXM4QKkOPmOj73xfdss5bbYPr7MlFlXKVhtK0Dpjf4OJPyoBFQo2-YK5095t1",
"lastModifiedDateTime": "2015-05-22T17:21:03Z",
"name": "AppPages",
"webUrl": "https://mysharepoint.sharepoint.com/portals/hub/AppPages",
"quota": {
"deleted": 0,
"remaining": 0,
"total": 0,
"used": 0
}
}
<snipped a few values>
]
}
Is the change in functionality I am seeing here by design or non-intended?
Edit: When attempting the call:
https://graph.microsoft.com/v1.0/sites/root/drives?$select=id,driveType,Name
The driveType is returned
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#drives(id,driveType,name)",
"value": [
{
"id": "fakeId",
"name": "Documents",
"driveType": "documentLibrary"
}
]
}
When requesting drives for a site based on the site-id (/sites/{site-id}/drives) we see different attributes returned.
Just closing the loop on this. As Brad mentioned, an issue has been identified. A fix is currently in the pipeline and should be rolling out soon.
I'm using Facebook graph API by calling https://graph.facebook.com/v2.10/me?access_token=xxxxxxxxxxxxxxxxxx&fields=id,email,name,first_name,last_name,gender,age_range,picture.width(512).height(512),locale,link,timezone,updated_time which returns the json response I was expecting. Something like this:
{
"id": "1234567890987654321",
"email": "xxxxxx\u0040example.com",
"name": "xxxx xxxx",
"first_name": "xxxx",
"last_name": "xxxx",
"gender": "xxxxx",
"age_range": {
"min": 21
},
"picture": {
"data": {
"height": 720,
"is_silhouette": false,
"url": "https://scontent.fna.fbcdn.net/v/t1.0-1/p720x720/xxx.jpg?oh=xxx",
"width": 720
}
},
"locale": "en_US",
"link": "https://www.facebook.com/app_scoped_user_id/1234567890987654321/",
"timezone": xx,
"updated_time": "2017-05-24T14:00:01+0000"
}
However, on calling the url child node of the picture, nothing was returned. I copied the actual link and paste it in Google Chrome browser and DNS_PROBE_FINISHED_NXDOMAIN error is returned.
I checked the image used by the Facebook website, I noticed that it's pointing to a different base url: https://scontent.fjnb2-1.fna.fbcdn.net, while mine is pointing to https://scontent.fna.fbcdn.net. The returned url on graph is missing .fjnb2-1 and it works when I added it.
Is this a known bug on Facebook Graph API?
Is it ok to change the base url to include the missing part?
Any other way to fix this issue without running into another issue later when Facebook decided to change the return url?
This is a known bug which has already been reported by many developers on https://developers.facebook.com/bugs and I believe the Facebook team is working on resolving this.
Edit:
I can confirm that this issue has been resolved by Facebook Dev Team now.