Warning: file_get_contents(/data/phpspider/zhask/data//catemap/4/string/5.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Microsoft graph api 使用Graph API添加授权管理访问包目录所有者_Microsoft Graph Api - Fatal编程技术网
Fatal编程技术网
  • microsoft-graph-api/
  • Microsoft graph api 使用Graph API添加授权管理访问包目录所有者

Microsoft graph api 使用Graph API添加授权管理访问包目录所有者

microsoft-graph-api

Microsoft graph api 使用Graph API添加授权管理访问包目录所有者,microsoft-graph-api,Microsoft Graph Api,我正在与Microsoft.Graph.Beta 4.0.1-preview和Beta API端点合作,以批量提供授权管理访问包目录。一个似乎没有记录的领域是如何分配像目录所有者这样的角色。我已经能够获得现有的角色分配: var assignments = await graphClient.RoleManagement.EntitlementManagement.RoleAssignments .Request() .Filter($"roleDefinitionId

我正在与Microsoft.Graph.Beta 4.0.1-preview和Beta API端点合作,以批量提供授权管理访问包目录。一个似乎没有记录的领域是如何分配像目录所有者这样的角色。我已经能够获得现有的角色分配:

var assignments = await graphClient.RoleManagement.EntitlementManagement.RoleAssignments
    .Request()
    .Filter($"roleDefinitionId eq '{roleDefinitionId}' and principalId eq '{principalId}'")
    .GetAsync();
尝试创建新角色分配时,我遇到InvalidModel错误:

var assignment = new UnifiedRoleAssignment
{
    RoleDefinitionId = role.Id,
    PrincipalId = catalogRole.PrincipalId.ToString(),
    AppScopeId = $"/AccessPackageCatalog/{catalogId}"
};

await graphClient.RoleManagement.EntitlementManagement.RoleAssignments
    .Request()
    .AddAsync(assignment);

{
    "roleDefinitionId": "e2182095-804a-4656-ae11-64734e9b7ae5",
    "principalId": "c251d039-15aa-4104-8d5b-f91d95da61d9",
    "appScopeId": "/AccessPackageCatalog/603b69ff-283e-4fa3-a7aa-99d51aa4040d"
}
上面的代码非常接近,但遗憾的是API返回了InvalidModel错误

我确信我拥有正确的RoleDefinitionId和PrincipalId,并且我从现有角色分配中复制了AppScopeId格式:

var assignment = new UnifiedRoleAssignment
{
    RoleDefinitionId = role.Id,
    PrincipalId = catalogRole.PrincipalId.ToString(),
    AppScopeId = $"/AccessPackageCatalog/{catalogId}"
};

await graphClient.RoleManagement.EntitlementManagement.RoleAssignments
    .Request()
    .AddAsync(assignment);

{
    "roleDefinitionId": "e2182095-804a-4656-ae11-64734e9b7ae5",
    "principalId": "c251d039-15aa-4104-8d5b-f91d95da61d9",
    "appScopeId": "/AccessPackageCatalog/603b69ff-283e-4fa3-a7aa-99d51aa4040d"
}

我有点相信我试图在API中的错误位置添加新角色分配

我为其他需要这样做的人找到了一个解决办法:

如果我序列化一个Beta.unifiedreleasignment并向图发送一个POST,我也会得到一个InvalidModel错误。所有未初始化的属性都包含在JSON中。不确定Beta Graph SDK是否是这样运行的,如果我手动序列化UnifiedReleasignment,就会发生这种情况:

{
    "appScopeId": "/AccessPackageCatalog/603b69ff-283e-4fa3-a7aa-99d51aa4040d",
    "condition": null,
    "directoryScopeId": null,
    "principalId": "d8f2b33d-fca2-43c9-991c-a45ae674532f",
    "resourceScope": null,
    "roleDefinitionId": "e2182095-804a-4656-ae11-64734e9b7ae5",
    "appScope": null,
    "directoryScope": null,
    "principal": null,
    "roleDefinition": null,
    "id": null,
    "oDataType": "microsoft.graph.unifiedRoleAssignment",
    "additionalData": null
}
如果我序列化一个仅包含我正在设置的属性的变通对象,我就能够创建角色分配:

var assignment = new UnifiedRoleAssignment
{
    RoleDefinitionId = role.Id,
    PrincipalId = catalogRole.PrincipalId.ToString(),
    AppScopeId = $"/AccessPackageCatalog/{catalogId}"
};

await graphClient.RoleManagement.EntitlementManagement.RoleAssignments
    .Request()
    .AddAsync(assignment);

{
    "roleDefinitionId": "e2182095-804a-4656-ae11-64734e9b7ae5",
    "principalId": "c251d039-15aa-4104-8d5b-f91d95da61d9",
    "appScopeId": "/AccessPackageCatalog/603b69ff-283e-4fa3-a7aa-99d51aa4040d"
}
这是C#:

他们建议试用beta.NET SDK的v0.43.0预览版,该版本比v4.0.1预览版更新约2周。没有改变。我通过添加一个新的目录所有者来确认这不是Graph API本身的错误。