3.1.4.1 Retrieving Folder Permissions
Before retrieving the permissions list of a folder, the client attempts to retrieve the folder permissions by reading the folder's PidTagSecurityDescriptorAsXml property ([MS-XWDVSEC] section 2.2.2). To read this property, the client opens the property as a Stream object by sending a RopOpenStream ROP request ([MS-OXCROPS] section 2.2.9.1). The server MUST return an error code of ecNotImplemented instead of satisfying the RopOpenStream ROP request.
To retrieve the current permissions list of a folder, the client SHOULD send the following three ROP requests to the server:
RopGetPermissionsTable ([MS-OXCROPS] section 2.2.10.2)
RopSetColumns ([MS-OXCROPS] section 2.2.5.1), with a column set that includes some or all of the following properties:
PidTagEntryId (section 2.2.4) — If the client is not required to match entries in the permissions list to users, as it would with a search for a particular user, the client SHOULD NOT include this property.
PidTagMemberId (section 2.2.5) — The client MUST include this property.
PidTagMemberName (section 2.2.6) — If the client is not displaying the contents of the permissions list, the client SHOULD NOT include this property.
PidTagMemberRights (section 2.2.7) — The client MUST include this property.
RopQueryRows ([MS-OXCROPS] section 2.2.5.4)
For more details about how the client uses the RopSetColumns and RopQueryRows ROP requests, see [MS-OXCTABL] section 3.1.4. If all three of the ROP requests succeed, the permissions list is returned in the RowData field of the RopQueryRows ROP response buffer. The RowData field contains one PropertyRow structure ([MS-OXCDATA] section 2.8.1) for each entry in the permissions list. When the client is finished with table operations, the client MUST release the Table object by sending a RopRelease ROP request ([MS-OXCROPS] section 2.2.15.3).
The ROP sequence that is used to retrieve the current permissions list of a folder is shown in the following diagram.
Figure 1: Sequence for retrieving folder permissions