none
Using workflow to set unique permissions on list items using 2013 workflow RRS feed

  • Question

  • Hi

    I hope this is the right forum.

    My issue is this:

    I have an item on a list that is created by a user and the item needs to be approved by the users manager. Until the item is approved both user and manager have edit permissions. After the item has been approved the item is set to read-only for user and manager.

    The list is created with the standard permission structure, that owners have full control and users can only see the items they themselves have created.

    A manager should only have access to the items of the user, to whom he is manager.

    In a 2010 workflow that was easily accomplished by using an Impersonation Step, where I could set the permission levels on each item individually.

    My question is this, how do I accomplish this in a 2013 workflow?

    My company has an on-premise SharePoint 2013 solution (no Azure, no cloud) and I use SPD 2013

    Regards Teis

    Monday, March 7, 2016 11:00 AM

Answers

  • Hi Teis,

    Unfortunately this is not available with SharePoint 2013 workflows. The new workflow model in SharePoint 2013 has many benefits, but the drawback to it is that it is currently not possible to do an impersonation step.

    When you create a workflow in SharePoint Designer, you can choose which workflow model to use, and if you need to use an impersonation step and set custom permissions then you need to select the SharePoint 2010 model.

    If your workflow does more than setting permissions, and has other logic or flow control, then I would suggest creating a SharePoint 2013 model workflow which handles all of that, and have it trigger a SharePoint 2010 workflow to set the permissions.

    • Marked as answer by TeHelweg Tuesday, March 8, 2016 8:01 AM
    Monday, March 7, 2016 11:21 AM

All replies

  • Hi Teis,

    Unfortunately this is not available with SharePoint 2013 workflows. The new workflow model in SharePoint 2013 has many benefits, but the drawback to it is that it is currently not possible to do an impersonation step.

    When you create a workflow in SharePoint Designer, you can choose which workflow model to use, and if you need to use an impersonation step and set custom permissions then you need to select the SharePoint 2010 model.

    If your workflow does more than setting permissions, and has other logic or flow control, then I would suggest creating a SharePoint 2013 model workflow which handles all of that, and have it trigger a SharePoint 2010 workflow to set the permissions.

    • Marked as answer by TeHelweg Tuesday, March 8, 2016 8:01 AM
    Monday, March 7, 2016 11:21 AM
  • Hi Steven

    Thank you for your reply. I could easily work with a mix of 2010 and 2013 workflows as you suggest.
    However,  I find it hard to believe that approval by a third person (who should not have edit permissions on the entire list), is a rare occurrence, so I'm wondering if you know when there might be plans to implement a functionality like that in 2013 (or a future version)?

    Tuesday, March 8, 2016 8:01 AM