none
Check if user is in specified group using JavaScript (the specified group include O365 group) RRS feed

  • Question

  • Hi Support,

    I would like to check whether the logon user is in group "AdminGroup" which is defined in the list. I have found the solution from the internet and it seems work fine.

    function TestGroup()
    {
            var clientContext = new SP.ClientContext.get_current();
    	this.currentUser = clientContext.get_web().get_currentUser();
    	clientContext.load(this.currentUser);
    		
    	this.userGroups = this.currentUser.get_groups();
    	clientContext.load(this.userGroups);
    	clientContext.executeQueryAsync(OnQueryTest.bind(this));
    }
    		
    function OnQueryTest() 
    {    
    	var isMember = false;
    	var groupsEnumerator = this.userGroups.getEnumerator();
    	while (groupsEnumerator.moveNext()) {
    	        var group= groupsEnumerator.get_current();         
    		if(group.get_title() == "AdminGroup")
                    {
    			isMember = true;
    			break;
    		}
    	}
    }
    

    However, if the site group "AdminGroup" include some O365 groups, this method is not worked. For example, I have a O365 group "Group A". User 1 and User 2 are added to the O365 group "Group A". Then I add the O365 group "Group A" to the site group "AdminGroup". User 1 is belong to "AdminGroup" now but it cannot be detected by above JavaScript. I would like to know how check if user is in specified group in above case?

    Regards,

    Eric

    Friday, January 26, 2018 2:30 AM

Answers

  • Hi,

    Here is a detailed demo about using Graph API for your reference:

    Azure Active Directory Part 5: Graph API

    And another Quick Workaround, you can create a SharePoint Group and add the user into this SP Group which is consider as the clone of the Office 365 Group, then you can still use the SharePoint JSOM to check if the current user is in the specific group.

    Thanks

    Best Regards


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Saturday, January 27, 2018 12:18 PM

All replies

  • Hi,

    This is because SharePoint JSOM can only get user membership for SharePoint Group not Office 365 Group. So if an Office 365 Group is included in SharePoint Group, we can't use the JavaScript above to check.

    And in SharePoint Online, there is no Client Js API to access Office 365 Group Membership.

    A solution is to check if a user is in Office 365 Group using Azure AD PowerShell, here is the detailed steps:

    1. Open Windows PowerShell, input this command to install Azure AD module:

    install-module azuread


    2. Connect Azure AD using this command, it will promote a window asking for credential, input the Office 365 user account and password which has Office 365 Global Admin permission:

    Connect-AzureAD

    3. After connecting successfully, use the command line below to get Office 365 Group membership for a user:

    Get-AzureADUser -SearchString xxx@xxx.onmicrosoft.com | Get-AzureADUserMembership | % {Get-AzureADObjectByObjectId -ObjectId $_.ObjectId | select DisplayName,ObjectType,MailEnabled,SecurityEnabled,ObjectId} | ft

    Note please remember to replace the user account with yours in the line above.

    It will then output the user Office 365 Group Membership like below:


    Checked user in Admin Center and it works like a charm:

    More information About Azure AD PowerShell Command:

    Quickly list all groups a user is member of or owner of in Office 365

    Azure Active Directory version 2 cmdlets for group management

    Thanks

    Best Regards



    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.


    Friday, January 26, 2018 8:01 AM
  • Hi Jerry,

    I need to check it in the aspx page. I have a list and I have created the edit form (.aspx) using SharePoint Designer. If the logon user is in the group "AdminGroup", I will enable some fields and button to the User. Therefore, I should check if the user in Admin Group in the aspx page. Is it possible to use PowerShell on aspx page or any other solution?

    Regards,

    Eric

    Friday, January 26, 2018 8:20 AM
  • Hi Eric,

    Call PowerShell in a page with Client Script is not easy. 

    I would suggest you can consider using Graph API to achieve checking user Group Membership in Office365, in Graph API, there is a Rest Endpoint will check this:

    POST https://graph.windows.net/myorganization/isMemberOf?api-version
    
    
    Body
    
    {
      "groupId": "5e624f44-d38d-4943-b07c-2bad078f52ff",
      "memberId": "ea59e4d3-a7a1-4b5b-b65f-a25fcc0c0f99"
    }

    It will return a boolean value in the response with true or false:

    {
      "odata.metadata": "https://graph.windows.net/myorganization/$metadata#Edm.Boolean",
      "value": true
    }

    More information :

    https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/functions-and-actions#isMemberOf

    Thanks

    Best Regards


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Friday, January 26, 2018 8:50 AM
  • Hi Jerry,

    I am sorry that I am not familiar with Graph API. Can it be used directly on aspx or I should use it with Visual Studio? Can you give a simple example on this? Thank you very much.

    Regards,

    Eric

    Friday, January 26, 2018 10:03 AM
  • Hi,

    Here is a detailed demo about using Graph API for your reference:

    Azure Active Directory Part 5: Graph API

    And another Quick Workaround, you can create a SharePoint Group and add the user into this SP Group which is consider as the clone of the Office 365 Group, then you can still use the SharePoint JSOM to check if the current user is in the specific group.

    Thanks

    Best Regards


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Saturday, January 27, 2018 12:18 PM
  • Hi,

     

    I am checking to see how things are going there on this issue. Please let us know if you would like further assistance.

     

    You can mark the helpful post as answer to help other community members find the helpful information quickly.

     

    Thanks

     

    Best Regards


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Tuesday, January 30, 2018 1:42 AM