问题
I know how to get member directory roles filtering by type using the rest query below:
https://graph.microsoft.com/v1.0/me/memberOf/$/microsoft.graph.directoryRole
So the response from MS Graph api only contains directoryRole
objects. Not sure how this can be done using the MS Graph .Net client SDK as we do not specify any OData keyword like Select
or Filter
in the actual Rest request.
Note that I do not want to call just memberOf
and filter directoryRole
type responses in memory on client side, I want this filter to be part of the query as in the URL above, so memberOf
response contains only directoryRole
s.
回答1:
With the SDK, filtering is a function applied to the object. For example:
var users = await graphClient
.Users
.Request()
.Filter("startswith(displayName,'A')")
.GetAsync();
Unfortunately, this won't help you here since /memberOf
doesn't support $filter
. So you would need to do the filtering on the client.
If you're checking a specific directoryRole, you could come at this from the other direction. The /members endpoint does support filtering by member id
:
v1.0/directoryRoles/{role-id}/members?$filter=id eq '{user-id}'
It is important to note here that /members
does not support filtering by userPrincipalName
, only by the actual id
.
回答2:
The Graph Net Client have not directly support your requirement.
But based on my test, we can try the following work around:
Use the following code to get the list with DirectoryRole and then filter by DisplayName, and then check the role template id(For the directoryRole from Me.MemberOf, if the DisplayName contains Administrator, basically, we are admin role. If use the DirectoryRoles api, we can iterate the list and check the role template id):
// This will contains the group too, we need to filter it to get the directoryrole
IUserMemberOfCollectionWithReferencesRequest builder = graphClient.Me.MemberOf.Request();
IUserMemberOfCollectionWithReferencesPage page = await builder.GetAsync();
// This is all directoryrole in our tenant, we need to filter by DisplayName contains **Administrator**
IGraphServiceDirectoryRolesCollectionRequest request = graphClient.DirectoryRoles.Request();
IGraphServiceDirectoryRolesCollectionPage directoryRoles = await request.GetAsync();
Results of Me.MemberOf: Results of DirectoryRoles:
If the work around still cannot suit your requirement, I suggest you submit an feature request on uservoice and github issues
Supplementary answer: (Unfortunately the filtering is generally pretty limited in Microsoft Graph for directory resources. So you can just use the client side in-memory filter or submit feature request now):
Theoretically, we can use the rest api like this(The specified filter to the reference property query is currently not supported.)
https://graph.microsoft.com/v1.0/me/memberOf/$/microsoft.graph.group?$filter=groupTypes/any(a:roleTemplateId eq '62e90394-69f5-4237-9190-012177145e10')
And in the C# code which is based on the Graph Client
List<QueryOption> options = new List<QueryOption>
{
new QueryOption("$filter",
"groupTypes/any(a:roleTemplateId eq '62e90394-69f5-4237-9190-012177145e10'")
};
IUserMemberOfCollectionWithReferencesRequest builder = graphClient.Me.MemberOf.Request(options);
IGraphServiceDirectoryRolesCollectionRequest request = graphClient.DirectoryRoles.Request(options);
来源:https://stackoverflow.com/questions/52208815/how-to-get-admin-roles-that-i-am-a-member-of-from-microsoft-graph-using-net-cl