web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate / Getting current ShareP...
Power Automate
Unanswered

Getting current SharePoint permissions on a file/folder

(0) ShareShare
ReportReport
Posted on by biterbit 408

I have developed a solution for storing sensitive client documents in a set of folders in a SharePoint site's Shared Documents library: one folder per client. Individual access is granted to a folder when a user takes on a role in relation to the client, and removed when the user leaves that role. When the client moves to a 'closed' state, I reset all permissions to the default (no individual user access). I also use the individual permissions on a folder to determine who should be notified when a document is placed in the folder.

To do all this I use several Flows containing different HTTP calls to SharePoint:

1) When a user is granted access to a folder I use the action Grant access to an item or a folder

2) When a user's access is revoked I use the action Send an HTTP request to SharePoint with the URI set to:

_api/lists/getByTitle('Documents')/items(⁠<FolderID>⁠)/roleassignments/removeroleassignment(principalid=⁠<UserIDtoRemove>⁠)

3) When the client record is closed I use the action Send an HTTP request to SharePoint with the URI set to: 

_api/Web/lists/getByTitle('Documents')/items(<FolderID>)/ResetRoleInheritance()

4) When I want to notify users when a file is added to a folder I user the action Send an HTTP request to SharePoint with the URI set to:  

_api/web/lists/getbytitle('Documents')/items(<FolderID>)?$expand=RoleAssignments/Member/Users,RoleAssignments/RoleDefinitionBindings

and then I parse the output to get any PrincipalId values in the ['d']?['SharedWithUserID'] section of the returned body and then find the users' emails from that.

Checking the folders in SharePoint, it all seemed to be working fine and I could see the users' permissions being added and removed successfully as planned. Then I noticed that notifications were being sent to people who no longer had access to certain folders. These seem to be those whose permissions had been reset after the client record was closed. I confirmed that these users' IDs were being returned in the SharedWithUserID list, which I expected to be null. It seems that the ResetRoleInheritance action is removing users' permissions, as seen in SharePoint, but they are still included in the SharedWithUserID list.

Am I missing something here in relation to how SharePoint permissions work?

Categories:
Building flows
I have the same question (0)
  • biterbit Profile Picture
    biterbit 408 on at

    An update after more testing...

     

    The situation is worse then I thought: when access is revoked (in step 2) this also results in the user being removed as seen in SharePoint, but still being returned in the SharedWithUserID list.

  • KM-30101942-0 Profile Picture
    KM-30101942-0 2 on at
    I am trying to do the same thing you are doing in number 4, but am having trouble understanding how to parse the output that is returned. The results I get for the RoleAssignments and RoleDefinitionBindings is over 1800 lines long just for one folder. And it seems to have extra users in there that I know don't have any access to the folder. I don't understand how to parse the data to get just the specific users that have access to the folder. 
    Any help is appreciated.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the March Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Automate

#1
Haque Profile Picture

Haque 605

#2
Valantis Profile Picture

Valantis 340

#3
11manish Profile Picture

11manish 284

Last 30 days Overall leaderboard

Featured topics

Share your ideas and struggles with building Power Automate flows!
Survey: Power Automate mobile app
How to Ask for Help with Your Power Automate Workflow
Flows are not visible for users who sign in with their personal accounts
Start and wait for an approval action
Restore a deleted flow
List of actions cheat sheet for Power Automate Desktop
Question for everyone : How are you using Create Text GPT in AI Builder?
Welcome to the Power Automate forum!

Product updates

Microsoft Power Platform Community release plans