none
custom permissions level

    Question

  • Working with a form library.

    Can a custom permission level be created that does the following:

    Add Items.

    Users can only view their documents.

    My problem is, i'm dealing with a form library with that users submit forms to.  Users submit a form, workflow runs, and updates the form permissions.  But, that workflow doesnt always run the second the form arrives in the library.  This causes issues because other users can see the form until the workflow has finished running.


    www.SharePointed.com

    jeudi 28 juin 2012 12:02

Réponses

  • the problem with the above solution is, the workflow might take 5 minutes to run.  this causes a HUGE security hole, because the submitted form would have no security on it, until the workflow got around to running.

    i ended up using the iLove SharePoint execute powershell action.  in the action, i have the script loop every 5 seconds until the document is unlocked. then the remaining workflow steps run.

    http://www.sharepointed.com/2012/07/03/why-wait-for-document-to-be-unlocked-by-document-editor-sucks/

    This along with changing the default view to only display workflows that are Completed, helps to close the security hole.



    www.SharePointed.com

    vendredi 6 juillet 2012 10:25

Toutes les réponses

  • You can make a custom permission level that allows add and edit. Then use the item permission level of edit their own.

    A painful workaround would be to add an approval process that would prevent users from seeing the form until it is approved. So, the approver would simply look to see when the WF finishes (perhaps an email to them at the end of the WF), then approve it & publish it, which would then display to the other users.


    Steve Clark, MCTS | Twin-Soft.com

    jeudi 28 juin 2012 13:25
  • Thanks Steve!

    Only Add and Edit are needed to submit a form to a library?


    www.SharePointed.com

    lundi 2 juillet 2012 12:07
  • You can also try "Item Level Permission" without using a workflow for changing the permission. From the Advanced Settings of the library, enable Item Level Permission so that only the user who created the item can edit it/view it.


    Pman
    http://www.pmansLab.com/

    lundi 2 juillet 2012 16:12
  • Parvez,

    Not seeing that option in the Form Library Advanced Settings.


    www.SharePointed.com

    lundi 2 juillet 2012 18:05
  • Hi eHaze,

    I understand that you want to allow the users to see the forms created by themselves .When using custom permission level ,you can limit the permission to only allow add and view items .But you cannot control that ‘Users can only view their documents’ .

    The item-level permission setting in Advanced Setting is only for lists .In SharePoint library settings ,there is not such an options .You can set item level permission by opening the item in AllItems view and choose Permissions in the Edit Control Block .This should be done manually every time an item is created .

    In order to allow users to see view and edit only their items ,you can use workflows and event handlers edit item level permission .There is an impersonation step in SharePoint Designer workflow .You can add ‘replace list item permissions’  in the impersonation steps to edit item permission .

    For more information about event handler ,you can refer to this site:

    SharePoint EventHandler: Set Item Level Permission: http://basquang.wordpress.com/2009/06/12/sharepoint-eventhandler-set-item-level-permission/

    Thanks,

    Entan Ming

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contacttnmff@microsoft.com.


    Entan Ming

    TechNet Community Support

    mardi 3 juillet 2012 02:17
    Modérateur
  • ahhh... yes. I forgot that option only available for Lists, not for Libraries.


    Pman
    http://www.pmansLab.com/

    vendredi 6 juillet 2012 03:01
  • the problem with the above solution is, the workflow might take 5 minutes to run.  this causes a HUGE security hole, because the submitted form would have no security on it, until the workflow got around to running.

    i ended up using the iLove SharePoint execute powershell action.  in the action, i have the script loop every 5 seconds until the document is unlocked. then the remaining workflow steps run.

    http://www.sharepointed.com/2012/07/03/why-wait-for-document-to-be-unlocked-by-document-editor-sucks/

    This along with changing the default view to only display workflows that are Completed, helps to close the security hole.



    www.SharePointed.com

    vendredi 6 juillet 2012 10:25
  • Unmark as answer. :)


    Steve Clark, MCTS | Twin-Soft.com & Easy Bins Dumpster Rentals of Northern VA. (Specializing in driveway-sized roll-off dumpsters.)

    vendredi 6 juillet 2012 13:55