SharePoint 2013 - REST API about Security

1. 与 权限、用户 相关的REST API

获取站点中所有权限级别 Permission Levels --> http://host url/sites/jacky/_api/Web/roledefinitions
获取站点中所有用户 Users --> http://host url/sites/jacky/_api/Web/siteusers -->(结果相当于http://host url/sites/jacky/_layouts/15/people.aspx?MembershipGroupId=0，但前者得到的结果数目可以会多余后者，因为站点中可能存在了一些域用户组)

获取站点中所有用户组 User Groups --> http://host url/sites/jacky/_api/web/roleassignments/groups

2. 获取file 或者 folder 级别的权限：

http://host url/sites/jacky/_api/Web/GetFolderByServerRelativeUrl('/sites/jacky/Documents/Folder1')?
$expand=ListItemAllFields/RoleAssignments/RoleDefinitionBindings,ListItemAllFields/RoleAssignments/Member/Users&
$select=ServerRelativeUrl,ListItemAllFields/RoleAssignments/Member/Title,ListItemAllFields/RoleAssignments/Member/PrincipalType,ListItemAllFields/RoleAssignments/Member/Users/Title,ListItemAllFields/RoleAssignments/Member/Users/PrincipalType,ListItemAllFields/RoleAssignments/RoleDefinitionBindings/Name,ListItemAllFields/RoleAssignments/RoleDefinitionBindings/Order

得到的结果如图：

读取结果的代码为：

　　　　　　　　　　$.ajax({
                    url: restURI,
                    type: "GET",
                    headers: {"Accept": "application/json;odata=verbose"},
                    success: function(data){
                      if(data.d.ListItemAllFields.RoleAssignments.results){
                          $.each(data.d.ListItemAllFields.RoleAssignments.results, function(index, item){
                              //item.Member.Title -> name of group or user， 得到当前file/folder权限中的用户或者组的名称，比如 XXX Owners， XXX Members等
                              //item.Member.PrincipalType -> 8 is group, 1 is user， 判断此结果是用户还是组

                              //get permission levles of a group/user
                              $.each(item.RoleDefinitionBindings.results, function(index, item){
                                  //item.Name --> permission level name， 得到当前用户或组的权限，比如Full Control, Contribute等
                                  //item.Order --> 1 to 160， Full Control是1，Limited Access是160
                              });

                              if(item.Member.PrincipalType == 8){
                                  $.each(item.Member.Users.results, function(index, item){
                                      //item.Title --> user name，得到当前组中的人员
                                  });
                              }
                          });
                      }
                    },
                    error: function(xhr){
                      alert(xhr.status+': '+xhr.statusText);
                    }
                });

2.