spjs_QueryItems failing for users that don't have web level access

Forums SPJS-Utility spjs_QueryItems failing for users that don't have web level access

This topic contains 2 replies, has 2 voices, and was last updated by  Ivan Wilson 4 months ago.

  • Author
    Posts
  • #25264

    Ivan Wilson
    Participant

    I’m using spjs_QueryItems to retrieve details from SharePoint lists in SharePoint Online. I’ve noticed that these calls fail if they are made by users that only have permissions to the list but not the site. Is this a known issue?

    Its the call to the lists.asmx that fails with a 500 response – ‘Access Denied’. If I grant the user read access to the web that the list is on, the call works.

    The user can load the list in their browser without needing permissions to the site. I can’t find any details about lists.asmx needing additional permissions. Have others noticed this?

  • #25281

    Alexander Bautz
    Keymaster

    To be able to use spjs_QueryItems the user must have “Use Remote Interfaces” permission. This is by default on for all groups in a site, but unfortunately the user must have at least read access to the site (or possibly the site collection root site) to be able to use these webservice calls.

    Alexander

  • #25293

    Ivan Wilson
    Participant

    Thanks Alexander. The odd thing we have noticed is that in the top level site collection, users do not need read access to the web for the lists.asmx, but they do need it in a site collection under the /sites/ path. I’m not sure if it is something weird in this environment or root site collections behave differently. I have compared the site collection properties in PowerShell, but they are set up the same.

You must be logged in to reply to this topic.