[英]How to get admin roles that I am a member of, from Microsoft Graph using .Net Client SDK?
I know how to get member directory roles filtering by type using the rest query below: 我知道如何使用下面的其余查询按类型过滤成员目录角色:
https://graph.microsoft.com/v1.0/me/memberOf/$/microsoft.graph.directoryRole
So the response from MS Graph api only contains directoryRole
objects. 因此,来自MS Graph api的响应仅包含directoryRole
对象。 Not sure how this can be done using the MS Graph .Net client SDK as we do not specify any OData keyword like Select
or Filter
in the actual Rest request. 不确定如何使用MS Graph .Net客户端SDK来完成此操作,因为我们没有在实际的Rest请求中指定任何OData关键字,例如Select
或Filter
。
Note that I do not want to call just memberOf
and filter directoryRole
type responses in memory on client side, I want this filter to be part of the query as in the URL above, so memberOf
response contains only directoryRole
s. 请注意,我不想仅在客户端的内存中调用memberOf
和filter directoryRole
类型的响应,我希望此过滤器像上面的URL一样是查询的一部分,因此memberOf
响应仅包含directoryRole
。
The Graph Net Client have not directly support your requirement. Graph Net Client无法直接支持您的要求。
But based on my test, we can try the following work around: 但是根据我的测试,我们可以尝试以下解决方法:
Use the following code to get the list with DirectoryRole and then filter by DisplayName, and then check the role template id (For the directoryRole from Me.MemberOf , if the DisplayName contains Administrator , basically, we are admin role. If use the DirectoryRoles api, we can iterate the list and check the role template id ): 使用以下代码获取具有DirectoryRole的列表,然后按DisplayName进行过滤,然后检查角色模板ID (对于Me.MemberOf中的directoryRole ,如果DisplayName包含Administrator ,则基本上是管理员角色。如果使用DirectoryRoles api ,我们可以迭代该列表并检查角色模板id ):
// This will contains the group too, we need to filter it to get the directoryrole
IUserMemberOfCollectionWithReferencesRequest builder = graphClient.Me.MemberOf.Request();
IUserMemberOfCollectionWithReferencesPage page = await builder.GetAsync();
// This is all directoryrole in our tenant, we need to filter by DisplayName contains **Administrator**
IGraphServiceDirectoryRolesCollectionRequest request = graphClient.DirectoryRoles.Request();
IGraphServiceDirectoryRolesCollectionPage directoryRoles = await request.GetAsync();
Results of Me.MemberOf : Me.MemberOf的结果: Results of DirectoryRoles : DirectoryRoles的结果:
If the work around still cannot suit your requirement, I suggest you submit an feature request on uservoice and github issues 如果解决方法仍然不能满足您的要求,建议您在uservoice和github问题上提交功能请求
Supplementary answer: (Unfortunately the filtering is generally pretty limited in Microsoft Graph for directory resources. So you can just use the client side in-memory filter or submit feature request now): 补充答案:(不幸的是,Microsoft Graph中对于目录资源的筛选通常非常有限。因此,您可以只使用客户端内存筛选器或立即提交功能请求):
Theoretically, we can use the rest api like this( The specified filter to the reference property query is currently not supported. ) 从理论上讲,我们可以像这样使用rest api( 当前不支持对引用属性查询的指定过滤器。 )
https://graph.microsoft.com/v1.0/me/memberOf/$/microsoft.graph.group?$filter=groupTypes/any(a:roleTemplateId eq '62e90394-69f5-4237-9190-012177145e10')
And in the C# code which is based on the Graph Client 并且在基于Graph Client的C#代码中
List<QueryOption> options = new List<QueryOption>
{
new QueryOption("$filter",
"groupTypes/any(a:roleTemplateId eq '62e90394-69f5-4237-9190-012177145e10'")
};
IUserMemberOfCollectionWithReferencesRequest builder = graphClient.Me.MemberOf.Request(options);
IGraphServiceDirectoryRolesCollectionRequest request = graphClient.DirectoryRoles.Request(options);
With the SDK, filtering is a function applied to the object. 使用SDK,过滤是应用于对象的功能。 For example: 例如:
var users = await graphClient
.Users
.Request()
.Filter("startswith(displayName,'A')")
.GetAsync();
Unfortunately, this won't help you here since /memberOf
doesn't support $filter
. 不幸的是,因为/memberOf
不支持$filter
,所以这对您没有帮助。 So you would need to do the filtering on the client. 因此,您需要在客户端上进行过滤。
If you're checking a specific directoryRole
, you could come at this from the other direction. 如果要检查特定的directoryRole
,则可以从另一个方向进行检查。 The /members
endpoint does support filtering by member id
: /members
端点确实支持按成员id
过滤:
v1.0/directoryRoles/{role-id}/members?$filter=id eq '{user-id}'
It is important to note here that /members
does not support filtering by userPrincipalName
, only by the actual id
. 这里要注意一点的是/members
不支持通过过滤userPrincipalName
,只能通过实际的id
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.