Sunday, August 8, 2021

Power Automate: Remove/Restore Permissions Inheritance

 Hello Friends,

Welcome back with another post on Power Automate. We are going to start another series of Power Automate upon Permissions at item level. In this post, we will discuss about -

  1. Stop Inheriting Permissions
  2. Delete Unique Permissions (Restore Inherited Permissions)
Let's take one by one.
  1. Stop Inheriting Permissions-
    1. First of all create a list named "TestList". There would a default column supplied "Title".
    2. Click on App Launcher (9 dots) at top left corner and then click on Power Automate.
    3. Click on "+ Create" and then choose "Automated cloud flow".
    4. A popup will appear. Give you flow a suitable name and then select the trigger as "When an item is created (SharePoint)".
    5. Provide the Site Address and the List Name upon which you need to perform action.
    6. Then add an action Compose to save the list name as we have to use the list name repeatedly therefore, we will use the output of this compose action. Rename this action as "Compose - ListName".


    8. Now add one more action "Send an HTTP request to SharePoint". Rename it as "Send an HTTP request to SharePoint - Stop Inheriting Permissions". This action has 5 parts-
      1. Site Address - Provide Site Address
      2. Method - Choose POST
      3. Uri - _api/lists/getByTitle('@{outputs('Compose_-_ListName')}')/items(@{triggerOutputs()?['body/ID']})/breakroleinheritance(copyRoleAssignments=false,clearSubscopes=true)
        1. The lime highlighted part is ListName. We will use the Outputs of Compose action.
        2.  The aqua highlighted is Item ID. We will use the ID from When an item is created action.
      4. Headers - Leave Blank
      5. Body - Leave Blank


    10. Save the flow and come back to SharePoint list. Add an item.
    11. Now quickly check the permissions of this item. You will find the item is inheriting parent list permissions.
    12. Now check the execution status of flow. Once it shows success, then check the permissions again.
    13. You will find that inheritance of permissions has been stopped. Only you will be having the access on this list item.
    14. Apart from you, Site Collection Owners also have permissions on this list item. Rest all permissions have been removed.
    15.   
    16. This way you can stop inheritance of permissions.
    17. Now, what if, we have to restore the permissions. Here is the solution.
  2. Delete Unique Permissions (Restore Inherited Permissions)-
    1. In section #1, we have seen how to stop inheritance of permissions. Now some times, we need to restore the inheritance. So, here we will see the implementation of the same.
    2. In above flow, add one more action "Send an HTTP request to SharePoint". Rename it as "Send an HTTP request to SharePoint - Restore Inheriting Permissions". This action has 5 parts-
      1. Site Address - Provide Site Address
      2. Method - Choose POST
      3. Uri - _api/lists/getByTitle('@{outputs('Compose_-_ListName')}')/items(@{triggerOutputs()?['body/ID']})/ResetRoleInheritance
        1. The lime highlighted part is ListName. We will use the Outputs of Compose action.
        2.  The aqua highlighted is Item ID. We will use the ID from When an item is created action.
      4. Headers - Leave Blank
      5. Body - Leave Blank
    3. Save the flow and click on Test >> Automatically >> With a recently used trigger >> Succeeded.

    5. The Test feature allows us to use the same list item. As we already stopped the inheritance, therefore, using the same list item will give us the visible result.
    6. Now, click on the Test button provided at the bottom. It will execute the flow. Wait for a couple of moments to perform the activity by flow. A few moments later you will get the screen like below 😉


    8. Now go back to the permissions page and refresh the same. You will be surprised to see that unique permissions have been vanished. The item again started inheriting permissions. Wow!

    10. This way, you can Set/Reset the Permissions Inheritance.
    11. In case, if you wish to remove only particular group then you need to use below Uri-
      1. _api/web/lists/getByTitle('[LIST_TITLE]')/items([ItemID])/roleAssignments/groups/removebyid([Group_PRINCIPLE_ID])]
  3. Key Points-
    1. Stopping Permissions Inheritance removes all the permissions except-
      1. Creator of that item
      2. Site Collection Admins
With this, I am concluding this post.
Happy Coding !!!
Will see you again with some new topics.

Stay Safe !
Stay Healthy !
at
Labels: , , , ,

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)