locked
How to replace an item's permission for multiple users? RRS feed

  • Question

  • I have a workflow with a parameter to allow user input multiple approvers for the approval workflow. When supply the approvers to the approval workflow, it should be return as 'String' when setting the approval workflow parameters.

    Then after the approval workflow is finished, I need to replace the item permission to only allow the creator, the approvers to read the item. So I try to use the replace permission action to make it, and I also set the approver to be returned as string. But error raised with below exception in log:

    Some of persons or groups used in permission conditions/actions are missing	 
    WinWF Internal Error, terminating workflow Id# 71956a6c-09ad-45d3-93d3-cc128970c6e7	 
    System.ArgumentException: Some of persons or groups used in permission conditions/actions are missing     
    at Microsoft.SharePoint.WorkflowActions.PermissionsHelper.ConvertUsers(ArrayList users, List`1 userNames, List`1 groupIds)     
    at Microsoft.SharePoint.WorkflowActions.PermissionsHelper.GetPermissionsFromParams(ArrayList users, ArrayList roles)     
    at Microsoft.SharePoint.WorkflowActions.PermissionsHelper.ReplacePermissions(IListItemByKeyService hostInterface, WorkflowContext __Context, ArrayList Users, ArrayList Roles, String ListId, SPItemKey itemKey)     at Microsoft.SharePoint.WorkflowActions.WithKey.ReplaceListItemPermissionsActivity.DoUpdate(ActivityExecutionContext provider)     at Microsoft.SharePoint.WorkflowActions.WaitForDocumentUnlockActivity.Execute(ActivityExecutionContextexecutionContext)     
    at Microsoft.SharePoint.WorkflowActions.WithKey.ReplaceListItemPermissionsActivity.Execute(ActivityExecutionContext provider)     
    at System.Workflow.ComponentModel.ActivityExecutor`1.Execute(T activity, ActivityExecutionContext executionContext)     
    at System.Workflow.ComponentModel.ActivityExecutor`1.Execute(Activity activity, ActivityExecutionContext executionContext)     
    at System.Workflow.ComponentModel.ActivityExecutorOperation.Run(IWorkflowCoreRuntime workflowCoreRuntime)     
    at System.Workflow.Runtime.Scheduler.Run()

    I guess the cause is the code failed to convert a 'string' to a list of users. So does anyone knows that if a parameter contains multiple users, what return type should it be when use replace permission action?

    
    

    Alex Du

    Monday, April 22, 2013 3:39 AM

Answers

All replies

  • Besides, I found a post quite close to my case.

    The post

    It suggested that use replace permission action for one user and use Add permission action for multi users in one varialble. I followed this method, but the core is, in the post it mentioned that the users should return as 'String' in the setting of the add permission action. I did this but still got the same exception.


    Alex Du

    Monday, April 22, 2013 11:20 AM
  • "if you use a "person or group" (use "name" as show filed value!) column with "multiple values" checked"

    Are you using "Name" as show filed value!?


    MCTS,MCPD Sharepoint 2010. My Blog- http://www.sharepoint-journey.com
    If a post answers your question, please click "Mark As Answer" on that post and "Vote as Helpful

    Monday, April 22, 2013 11:48 AM
  • "if you use a "person or group" (use "name" as show filed value!) column with "multiple values" checked"

    Are you using "Name" as show filed value!?


    MCTS,MCPD Sharepoint 2010. My Blog- http://www.sharepoint-journey.com
    If a post answers your question, please click "Mark As Answer" on that post and "Vote as Helpful

    Hi Devendra,

    At the begging, no. I didn't noticed that the 'Field Value' in the form parameter setting. It was default 'Account'.

    Then, I changed it to 'Name' but still got the same exception in log.

    And, I dig into this case. If I set return value 'Display Name' in the action setting, the first user in the workflow parameter could be add item level permission but the rest are ignored. This is correct because the return type indicates it only return one user.

    But if I change the return value to 'Display Names, semicolon seperated'. The same exception is back.

    So combine Devendra's reply and my investigation, I guess a combine of 'Show Field' value and return type in action setting is the key of this case.


    Alex Du

    Monday, April 22, 2013 12:42 PM
  • I also found some related posts like

    http://social.technet.microsoft.com/forums/en-US/sharepointcustomizationprevious/thread/e4fa17ab-b83d-4d9d-affb-260eeec563c0

    and

    http://social.technet.microsoft.com/forums/en-US/sharepointcustomizationprevious/thread/1f604da5-027e-4939-8840-ae6943ed91d3

    and

    http://social.technet.microsoft.com/forums/en-US/sharepointcustomizationprevious/thread/e4fa17ab-b83d-4d9d-affb-260eeec563c0

    I found the core of this is, whether the data we feed to the Add permission Action is a combine of user ID and displayname.

    In my case, I created a new column called 'ItemApprovers' of people/group type allowing multiple value and null, the show fied is set to 'Name'.

    The inside the workflow, I assign the item field 'ItemApprovers' to the value I collected from the initiation form parameter, then feed Add permission action with this value and the return type is string, then it works.

    

    Alex Du

    • Marked as answer by Alex Du Thursday, April 25, 2013 3:30 AM
    Thursday, April 25, 2013 3:30 AM