Skip to main content

Notifications

Announcements

Replay: Power Platform Community AMA - Copilot Studio | April
Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate - Using Flows / How to apply condition...
Power Automate - Using Flows
Answered

How to apply condition to check site permission Group/Role

(0) ShareShare
ReportReport
Posted on by Community Power Pla...

Hi Team,

 

we have a requirement to check and update the site permissions.

In shortly: check if members group Role is having to contribute or not, if not update, then and check another Site group (GroupA) is having access or not, if not grant else skip.

 

here is the sample OutPut (Before)

Need to get SharePoint site Permissions (User.aspx)

As of now, the site is having in this way.

Members: Edit

Owners: Full control

Visitors: Read

 

This means it has to check on two groups and another one is on the role.

if

1. Members Grp Role is Edit then updated with Contribute

2. Members Grp role is already having to Contribute role then, no need to update members group just skip and check on GroupA site group

3. GroupA group is having site access or not, if not grant, else skip.

 

During checking/Condition
case1: 

Members: Contribute

Owners: Full control

Visitors: Read

Here Members group is already updated, but GroupA is not having access.

Case2:

Members: Edit

Owners: Full control

Visitors: Read

GroupA: Read

Here GroupA group has access but the Members group role is not updated, hence it needs update Role only

 

Final OutPut

Members: Contribute

Owners: Full control

Visitors: Read

GroupA: Read

Kindly assist me here on how to apply condition to check 

your POC to check the above condition would be appreciated.

Categories:
Business Process Flows
  • Verified answer
    Expiscornovus Profile Picture
    Expiscornovus 31,643 Most Valuable Professional on at
    Re: How to apply condition to check site permission Group/Role

    Hi @Anonymous,

     

    I was just giving you a heads-up that in some scenarios Microsoft will revert the permissions back after you made the changes via your flow, that is all 😀. Your requirements are clear.

     

    To help you with the conditions I have prepared an example.

    You can use the RoleAssignments method in an HTTP request to SharePoint action and expand to show the RoleDefinitionBindings. You have to use another action to retrieve the principalid of the members group first. Let me know if you need any help with that.

     

    _api/web/roleassignments/GetByPrincipalId(5)?$expand=RoleDefinitionBindings

    checkpermissions.png

     

    In the condition action you can check the name of the assigned permission. If yes you can update the permission. In my example just a compose action. But I assumed you already know how to update permissions from flow.

     

    outputs('Send_an_HTTP_request_to_SharePoint_-_Members')?['body']['d']['RoleDefinitionBindings']['results'][0]['Name']

     

  • Community Power Platform Member Profile Picture
    Community Power Pla... on at
    Re: How to apply condition to check site permission Group/Role

    @Expiscornovus 

    The SP site permission already exists, I can able to update Members Group Role with contributing from Edit, using FLow.

    Please understand that I don`t want to update during the creation of the site, permission already exists, now I want to update using Flow.

    I am talking about the Sharepoint group, I think I have clearly explained. my requirement.

    I need assistance on how to check/apply condition flow.

     

     

     

  • Expiscornovus Profile Picture
    Expiscornovus 31,643 Most Valuable Professional on at
    Re: How to apply condition to check site permission Group/Role

    Hi @Anonymous,

     

    Just want to double check a couple of things:

    1. Are you working with Team sites which are connected to an Office 365 Group

    2. Are talking about the out of the box members, owners and visitors or have you created your own custom SharePoint groups?

     

    If you are talking about a Group connected Team site and the out of the box SharePoint groups it won't be possible. You can assign a new permission level, but Microsoft will revert it back to edit again pretty soon after (the will keep it in sync). Found that out myself a couple of years back and that definitely took me some time troubleshooting 😁

     

    Luckily now they have documentation about this 😂

    Permissions for the default SharePoint groups (Owners, Members, and Visitors) for Team sites that are connected to a Microsoft 365 group can't be modified.

    https://docs.microsoft.com/en-us/sharepoint/customize-sharepoint-site-permissions#assign-a-new-permission-level-to-a-group

     

    If you are talking about custom groups I can help you out. Let me know if that is the case. In that case I will share a flow setup example.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Replay: Power Platform Community AMA - Copilot Studio | April
Welcome to the Power Platform Communities

Quick Links

Understanding Microsoft Agents - Introductory Session

Confused about how agents work across the Microsoft ecosystem? Register today!

Markus Franz – Community Spotlight

We are honored to recognize Markus Franz as our April 2025 Community…

Kudos to the March Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 146,668 Most Valuable Professional

#2
RandyHayes Profile Picture

RandyHayes 76,287 Super User 2024 Season 1

#3
Pstork1 Profile Picture

Pstork1 66,004 Most Valuable Professional

Leaderboard

Featured topics

Restore a deleted flow

Product updates

Microsoft Power Platform Community release plans