【发布时间】:2020-11-10 17:57:47
【问题描述】:
所以我正在开发一个 sharepoint webpart,我需要在其中检查用户是否在 AD 组中。现在这是我需要的 MS Graph 查询的奇怪部分:
https://graph.microsoft.com/v1.0/me/transitiveMemberOf/microsoft.graph.group?$count=true
这是我的 WP 发出的确切查询,但它返回 500 错误消息。现在我以为我缺少权限,但资源管理器说我不需要。
这是我处理 MS Graph 的 GraphService:
import { MSGraphClient } from '@microsoft/sp-http';
import * as MicrosoftGraph from '@microsoft/microsoft-graph-types';
import { WebPartContext } from "@microsoft/sp-webpart-base";
/**
* The class that handles the MS Graph API calls
*/
export default class GraphService {
/**
* The MS Graph client with does the calls
*/
private _client:MSGraphClient;
/**
* Sets the client for the Graph API, needs to be called before the class can be used
* @param context The context of the WP
*/
public async setClient(context:WebPartContext) {
this._client = await context.msGraphClientFactory.getClient();
}
/**
* Checks to see if a user belongs in a user group or not
* @param groupName The group name with we want to check
*/
public async checkCurrentUserGroup(groupName:string) {
const rawData = await this._client.api('/me/transitiveMemberOf/microsoft.graph.group').count(true).get();
const arr = rawData.value.filter(i => i.displayName == groupName);
return !!arr.length;
}
/**
* Returns the users from AD who have a manager and whom companyName is a specific company name
* @param companyName The company name to whom the users need to belong to
*/
public async getUsers(companyName:string):Promise<any[]> {
const rawData = await this._client.api('/users').filter('accountEnabled eq true').expand('manager').select('displayName,companyName,mail,department,jobTitle').get();
//need to do manual filtering, becuase you can't user filter on the "companyName" field and you can't search and expand at the same time without returing everything
const filteredData = rawData.value.filter(i => i.companyName == companyName && i.manager);
//remaps the data to IUserModel
const ret:any[] = filteredData.map(i => <any>{
name: i.displayName,
id: 0,
email: i.mail,
manager: i.manager.displayName,
managerEmail: i.manager.mail,
managerId: 0,
hasDiscussionForm: false,
department: i.department,
position: i.jobTitle
});
return ret;
}
}
那么问题是 checkCurrentUserGroup 方法返回 500。
我已向 wp 授予以下权限:
- Group.Read.All
- Directory.Read.All
- User.Read
getUsers 方法按预期工作。
在 MS Graph Explorer 中,查询工作正常。我错过了什么?
【问题讨论】:
-
能否请您尝试传递标题详细信息
client.api('/users/{id}/transitiveMemberOf/microsoft.graph.group') .header('ConsistencyLevel','eventual')如果有帮助请告诉我们 -
@SruthiJ-MSFTIdentity 不,我没有,这实际上有效,你能给出一个答案,以便我可以接受它,也许可以解释一下发生在我身上的事情,如果它不是太多的要求
标签: sharepoint microsoft-graph-api