0

I'm trying to iterate over a dataset of SharePoint groups Id's, via the REST API, and process the results. The thing is, I don't have access to all the groups (this is expected). In this case, I'd like to log the group ID as "access denied" and move on to the next one.

When the code gets to the first group that I don't have access to, I'm prompted for credentials, as anticipated. Whether I enter cred's or just click "cancel" I I get the anticipated 401 error and the script just exits with-

HTTP401: DENIED - The requested resource requires user authentication.
(XHR)GET - https://{sourceSharePointSite}/_api/Web/SiteGroups/GetById({groupID})/Users

So, yes, I get the ID of the first group I don't have access to, but the script just exits and I really need to check the rest of the groups (more than 400 of them. don't ask)

Here's my code...

function getMultiGroupMembers(arrGroups){// arrGroups is an object defined earlier
  $(arrGroups).each(function(i){
    var myId = arrGroups.results[i].Id;
    var myTitle = arrGroups.results[i].Title;
    log("Group ID: "+myId+" Group Name: "+myTitle+ " Members:"); 
    getData(myId).then(function() {
      log( "getMultiGroupMembers success" );
    }, function() {
      log( "getMultiGroupMembers fail" );
    })  
  });  
}

function getData(groupId) {
  var url = myUrl + "/_api/Web/SiteGroups/GetById("+groupId+")/Users";
  return $.getJSON(url).then(function(data){
    log("getGroupMembers() success: " + data);
    arrUsers = jsonToCsv(data.d); // convert the JSON object to CSV for exporting
    log(JSON.stringify(arrUsers)); // display the results in the log
  }, function(err) {
    var dfd = $.Deferred();
    dfd.reject(err)
    return dfd.promise();
  })
}

Really not sure what I'm missing. I've tried in MS Edge and Chrome

Chris G.
  • 329
  • 4
  • 17
  • 1
    Not sure, but I think jQuery stops all the ajax calls on the first fail() call. [See this answer for more info](https://stackoverflow.com/a/7881733/3585500). Multiple people have written a `$.whenAll()` to fix this. – ourmandave Dec 03 '18 at 22:34

1 Answers1

1

UPDATED:

Use this endpoint: _api/web/currentuser/groups . It will show all groups that user has access. Use /_api/Web/SiteGroups to get all groups. Filter second by first and you will get you want.

OLD:

May be you can change logic to another?

1. Get all groups that you have access. Just call "/_api/Web/SiteGroups" without any additional parameters. SharePoint REST API must return you only available to you groups. Exclude all gotten groups from your predefined list. All remaining groups from predefined list would be that you want to found, i.e. with "access denied".

I understand that this logic not consider not existed groups. But may be your current logic also not consider not existed groups. If you don't have access to group then you cannot understand if it is existed or not.

2. Also if you use SharePoint On-premise then you can create web service. Web service will get all groups by elevated privelege under some service account. =) And you can call this web service methods.

  • Thanks, but "/_api/Web/SiteGroups" returns all the groups, not just the ones I have access to. That's how I got the huge list in the first place. – Chris G. Dec 07 '18 at 15:04
  • @Chris G. What about my second suggestion ? Web service with elevated privileges. In this web service you can get each group and check if you exists in this group and return expected results. How you understand Is you have access to group or not? If it is you are member of group then web service really can help you. But I understand that it is more complex and may be not so good solution. =) –  Dec 07 '18 at 15:46
  • It's a locked down environment. No new web services or server side code. They won't even allow powershell get commands. Hence, my need for client side approach. But, thank you. – Chris G. Dec 10 '18 at 14:18
  • @ChrisG. Is your code will host on your side ? In your environment ? Or it is hosted on customer environment in SharePoint ? If first case - then you always can create server code in your environment. If second case - then I cannot suggest anything now. =) –  Dec 10 '18 at 15:55
  • @ChrisG. I think I found some useful for you. Can you check this. SP.User has "groups" property. See here: https://msdn.microsoft.com/en-us/library/office/jj244862.aspx. You can always get current user (or not current) groups and filter groups from "/_api/Web/SiteGroups" by user groups. And you will get what you want. http:////_api/web/sitegroups(groupid)/users(loginname)/groups || http:////_api/web/sitegroups –  Dec 10 '18 at 16:08
  • 1
    @ChrisG. Use this endpoint: _api/web/currentuser/groups . It will show all groups that user has access. Use /_api/Web/SiteGroups to get all groups. Filter second by first and you will get you want. –  Dec 10 '18 at 16:10
  • Yep!, using "_api/web/currentuser/groups" was the trick. Out of the many groups, I only have access to one. – Chris G. Dec 11 '18 at 16:29
  • Good. =) Mark answer as best. –  Dec 11 '18 at 16:46