2018-07-25

Fibonacci Elephant logo with Microsoft's Flow logo

This post describes how to add contribute permission for a selected user id to a single item in a list using Microsoft Flow. The flow uses the REST API calls to change the permissions. The walk through uses a custom list with one columns added, Requester which is a Person column.

In Part 1 of this series we broke the inheritance on an item when is was created with our 5 step flow, which created a few variables and then used a HTTP Request to SharePoint using REST API to break the inheritance.

5 step flow from part 1

Using the above flow as a starting point we will continue.

  1. Before we can give a permission level to a person we need to know their Id on this tenancy. This can be fetched using another HTTP Request using REST. The syntax for this is
    _api/web/SiteUsers/getByEmail('name@company.com')

    So using the Requester property of email address we update the URI-String variable and use it in with a GET method in the HTTP request.

    Updating URI-String and sending HTTP Request

  2. The previous step will return the data structured and we need to use the body expression to retrieve it. To make this easy I recommend you rename the step to a simple name, e.g. GetRequestorID
  3. Then add a step to initialise a variable to store the Requester’s ID. In the Value box click on Expression in the Dynamic content and enter in the following and click OK.
    Details of the expression being editedBe aware once you save and close the Flow the details of the expression entered will not be obvious. So to help debug the code later I add a comment of the formula to the step.
  4. The next step is to construct the URI-String needed to give the Requester Contribute permission. The Contribute permission has an ID of 1073741827. In a future post we will look up the ID for the requested permission level by name.The syntax to change the permission is
    _api/lists/getByTitle('MyList')/items(1)/roleassignments/addroleassignment(principalid=12,roledefid=1073741827)

    So we Set the URI-String to the new request and send it as a HTTP request to SharePoint as a POST method.

    Update URI-String to give Contribute permission

  5. Save and create a new item in the list. Then look at the permissions for the new item and you will see it has unique permissions and you have full control and the Requester has Contribute permission.
    Updated Item permissions

Resources

As always we all learn from each other and I am grateful to the resources provided online. Here are the ones that helped me create this series.

“How to manage permissions on a SharePoint List Item using Microsoft Flow! – Series Navigator:

 

About the author 

Laura Graham-Brown

SharePoint Trainer, Consultant and Agony Aunt