problem using impersonation step with documen set
-
Sunday, February 19, 2012 9:25 AM
Hi
I want to do the following :
In a SPD workflow, after a certain point in the approval process, i want to put read acces (change perrmissions on some forms inside a document set, or on the whole document set).
Questions :
- In SPD ribbon, the command to insert a impersonation step is always disabled, and i am logged in as a user with full access. Why ?
- If I succedd in adding an impersonation step, is it possible with the impersonation actions to change the permission for a group (insted of a user)
- changing persmission on the document set will atomatically set the permission on all forms inside the document set ?
All Replies
-
Sunday, February 19, 2012 4:03 PM
hi,
the below posts solve your question 1 .
check other notes section in the below article:
http://sharepointresourcecenter.com/sharepoint-2010-workflows-impersonation.html
for your quetion 2:
If I succedd in adding an impersonation step, is it possible with the impersonation actions to change the permission for a group (insted of a user)
if other user want to do same action of author then you will use the Impersenation step . this is not for the group. your making all users have permission of author of the workflow if you create a impersonation step in workflow.
the below article shows the example:
http://1ask2.com/sharepoint/Impersonation/ImpersonationStep.html
for your question 3:
"In regards to security, you can apply security to a Document Set as a single entity, similar to what you could do with Document Libraries or Folders. So if you have a bunch of documents that are grouped into a Document Set, (for example an RFP response, or all documents related to a merger etc) it may make sense to apply security directly to that document set, making the security slightly different from the parent library"
check in the below link
MCTS,MCPD Sharepoint 2010. My Blog- http://sharepoint-journey.com
If a post answers your question, please click "Mark As Answer" on that post and "Mark as Helpful- Marked As Answer by Mihnea Niculescu Tuesday, February 21, 2012 4:09 PM
- Edited by Devendra Velegandla Wednesday, February 06, 2013 12:32 AM
-
Tuesday, February 21, 2012 4:20 PM
Ok i succed in addind a impersination step.
I did not work the way i intended.
Here is what i done :
- i work on customized version of the Approval workflow (added some pseudo-code with sp designer)
- After the step 1 Start Approval process ... , i added a impersonalization step. This impersonalization step should then be executed after the Step1, so after the approval is done, am i right ?
- in the impersonation step, i added 1 action "remove Collaboration, Conception and Total Control permissions on Current Item for a given user (so the user has only read-only persmissions left)
I tested, I launch the workflow on a document set, but after the workflow ends, and i log with the user, it can still delete the document set.
What i have done wrong ?
And I have another question :
Is it possibe to add an impersonation step inside of a task event (for exemple when the task has finished) . I need this because I want to set read-only permissions on the Current item in the middle of the workflow, and not at the end of the workflow.
Thanks
- Marked As Answer by Mihnea Niculescu Friday, March 09, 2012 10:22 AM
-
Friday, March 09, 2012 10:22 AM
SOLVED :
impersonation step works with document set as well, of course. The problem i had was solved by taking care about those things :
- when you do an impersonation step, the code within this step is executed with the rights of the person who CREATED and PUBLISHED the workflow in SP Designer. This person must be a site collection admin (spadmin), defined in the SP Central Administration site
- if you use the impersonation step to change permissions on one document inside a document set, you have to fist log in as spadmin and then go in the settings of the library and then breaks inheritance for user rights on the whole library. Then you can change permissions for each doc (or document set) with the code in sp designer inside the imperonation step.
- you have to understand the following : if a user have only collaborative rights, and if you remove those right, the user won't have any other right, even read rights. To set a document read only you have to have the user have bots collaboartion and read rights, and then remove collaboration rigths.
- if you change the permissions for a document set. all the items inside of it will change the permissions as well
- Edited by Mihnea Niculescu Friday, March 09, 2012 3:15 PM
