
New command: `spe containertype permission list`

Open milanholemans opened this issue 6 months ago • 9 comments

Usage

m365 spe containertype permission list [options]

Description

Lists all permissions of a container type

Options

| Option | Description |
| --- | --- |
| `-i, --containerTypeId [containerTypeId]` | The ID of the container type. Specify either containerTypeId or containerTypeName but not both. |
| `-n, --containerTypeName [containerTypeName]` | The name of the container type. Specify either containerTypeId or containerTypeName but not both. |

Examples

Lists all permissions of a container type by ID

m365 spe containertype permission list --containerTypeId 4ec4aefd-4fa3-0e4a-20c3-6e68389e7138

Lists all permissions of a container type by name

m365 spe containertype permission list --containerTypeName "Contoso container type"

Default properties

  • appId

Additional Info

  • This command can only be called with delegated permissions
  • This command uses a Graph beta endpoint and should have a warning about it being unstable in the docs.

API request:

https://learn.microsoft.com/en-us/graph/api/filestoragecontainertyperegistration-list-applicationpermissiongrants?view=graph-rest-beta&tabs=http

milanholemans, Jun 17 '25 22:06

@andrewconnell, we were hoping to create the command above to list the permissions of a container type, assuming the same API used to set permissions could also retrieve them. However, during testing, it seems that such an API might not exist. Do you know if there's a way to list container type permissions, or is it simply not possible at all?

milanholemans, Jun 18 '25 22:06

@milanholemans I'm not aware of the ability to set permissions on a container type; only containers have permissions. The purpose of a container type is to link containers with an Entra ID app & billing profile.

If you can apply permission on a container type, that would be news to me (and a feature added since GA).

What's the scenario for that?

andrewconnell, Jun 21 '25 20:06

@andrewconnell, there might be a bit of confusion here. When you create a container type, you also need to explicitly register your app in order to use that container type. You can do this by making the following request:

POST https://contoso.sharepoint.com/_api/v2.1/storageContainerTypes/2c6186f6-e16d-49f9-bd03-bf3ee800054b/applicationPermissions
{
    "value": [
        {
            "appId": "{{ClientID}}",
            "delegated": ["full"],
            "appOnly": ["full"]
        }
    ]
}

While drafting the commands for this, we assumed there would also be an endpoint to list existing permissions for a container type, similar to how setting them works. However, it appears that this functionality is not currently working on my end.

milanholemans, Jun 23 '25 21:06

Ah... now I see what you mean. I'm not aware of a way to list the permissions. I can check with the PG tho...

andrewconnell, Jun 23 '25 22:06

> Ah... now I see what you mean. I'm not aware of a way to list the permissions. I can check with the PG tho...

That would be cool, thanks!

milanholemans, Jun 23 '25 22:06

Same comment here, I would suggest using the Graph Beta endpoint instead of the SP REST API `GET /storage/fileStorage/containerTypeRegistrations/{fileStorageContainerTypeRegistrationId}/applicationPermissionGrants`.

Ref: https://learn.microsoft.com/en-us/graph/api/filestoragecontainertyperegistration-list-applicationpermissiongrants?view=graph-rest-beta

Jwaegebaert, Aug 13 '25 21:08

Seems like a good idea to me to use the new Graph endpoint for this command. Thanks @Jwaegebaert, I'll update the issue.

milanholemans, Aug 14 '25 08:08

@pnp/cli-for-microsoft-365-maintainers made changes with the new endpoint.

milanholemans, Aug 14 '25 22:08

LGTM!

Jwaegebaert, Aug 14 '25 22:08
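The spec and endpoint discussed in this thread, sketched as an added example that is not code from CLI for Microsoft 365: it enforces the "ID or name, not both" rule, builds the Graph beta request URL for a container type ID, and reviews a response for apps holding `full`, the value used in the registration request above. The `Grant` property names, the permission values other than `full`, and all helper names are assumptions; resolving a container type name to its ID is left out.

```typescript
// Added example; Grant property names are assumed from the Graph beta docs linked in the thread.
type Grant = { appId: string; delegatedPermissions?: string[]; applicationPermissions?: string[] };
type Options = { containerTypeId?: string; containerTypeName?: string };

const GRAPH_BETA = 'https://graph.microsoft.com/beta';
const GUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Enforce "containerTypeId or containerTypeName but not both" from the proposed spec.
function validateOptions(o: Options): string | true {
  const given = [o.containerTypeId, o.containerTypeName].filter(v => v !== undefined && v !== '');
  if (given.length !== 1) {
    return 'Specify either containerTypeId or containerTypeName but not both.';
  }
  if (o.containerTypeId && !GUID.test(o.containerTypeId)) {
    return `'${o.containerTypeId}' is not a valid GUID.`;
  }
  return true;
}

// Build the GET URL; the ID is expected to pass validateOptions and is URL-encoded anyway.
function grantsUrl(containerTypeId: string): string {
  return `${GRAPH_BETA}/storage/fileStorage/containerTypeRegistrations/` +
    `${encodeURIComponent(containerTypeId)}/applicationPermissionGrants`;
}

// Report which apps hold 'full' and in which mode, for a least-privilege review.
function findFullAccess(grants: Grant[]): { appId: string; modes: string[] }[] {
  return grants.map(g => ({
    appId: g.appId,
    modes: [
      ...((g.delegatedPermissions ?? []).indexOf('full') !== -1 ? ['delegated'] : []),
      ...((g.applicationPermissions ?? []).indexOf('full') !== -1 ? ['appOnly'] : [])
    ]
  })).filter(r => r.modes.length > 0);
}

// Constructed sample response body (not real tenant data); 'readContent' and 'none' are assumed values.
const sample: { value: Grant[] } = {
  value: [
    { appId: '11111111-1111-1111-1111-111111111111', delegatedPermissions: ['full'], applicationPermissions: ['full'] },
    { appId: '22222222-2222-2222-2222-222222222222', delegatedPermissions: ['readContent'], applicationPermissions: ['none'] }
  ]
};

console.log(grantsUrl('4ec4aefd-4fa3-0e4a-20c3-6e68389e7138'));
console.log(findFullAccess(sample.value));
```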