microsoft-graph-devx-api icon indicating copy to clipboard operation
microsoft-graph-devx-api copied to clipboard
verified publisher icon microsoftgraph

Ordering of Permissions

Open gavinbarron opened this issue 2 years ago • 1 comments

Describe the bug The ordering of permissions should be least to most in reading order. I'm told that the results of the DevEx Permissions API are used to populate the permissions blocks on docs pages. Now that we have split into having a minimal permission and a list of "higher" permissions the higher list does not appear to be ordered.

To Reproduce Go to https://learn.microsoft.com/en-us/graph/api/group-list-transitivemembers?view=graph-rest-1.0&tabs=http#permissions Observe the list of Higher privileged permissions

Expected behavior The higher privileged permissions are ordered in such a way that ensures that Group.Read.All is before Directory.Read.All There's some room for debate as to if Directory.Read.All is higher than GroupMember.ReadWrite.All or not. But we should aim to have a clear rationale for the ordering of permissions be it by breadth of access and then read/write or by read/write and then by breadth of access.

The current ordering is at time confusing and could result in customers believing that they are using relatively less privileged permissions when they are not.

gavinbarron avatar Nov 01 '23 21:11 gavinbarron

@darrelmiller Can we use the privilegeLevel property to order the permissions in the 'Higher privileged Permissions' column?

millicentachieng avatar Jan 15 '24 08:01 millicentachieng