cancel
Showing results for 
Search instead for 
Did you mean: 

set item level security in SharePoint

A flow should be able to change the permission of an item in a SharePoint List/document library; this is a very popular pattern in Sharepoint workflows

 

Serge Luca

SharePoint MVP

Status: Completed

Hi all,

 

The following two actions should now be available:

1. Grant access to an item or a folder

2. Stop sharing an item or folder

 

Please check out these new actions in the SharePoint connector and let us know if you have any feedback! 

 

 

 

Thanks,

Chaks

Comments
Level: Powered On

This would be fantastic. 


At the moment I'm looking at basic approval system. User creates a record in a list, flow sends it for approval.

 

What I would like is for the Flow to update a column in the list to say Approved and then change the permission of the list record, so the user can't edit the record after approval. Would this help here?

Flow Staff
Status changed to: Completed

Hi all,

 

The following two actions should now be available:

1. Grant access to an item or a folder

2. Stop sharing an item or folder

 

Please check out these new actions in the SharePoint connector and let us know if you have any feedback! 

 

 

 

Thanks,

Chaks

Level: Powered On

Is it possible to specifity who gets or doesn't get access though?

 

If items is updated then remove access from "Group X" but leave "Group Y" permission intact?

Level 10

I would not consider this complete functionality as requested, it would not bee too usable in the current form.

 

Grant Action - Breaks Permission and Adds the user if they do not already have access.

Whilst this is OK the following changes would be a good addition

1. Use sharepoint ootb permissions levels

2. add user regardless if they already have access

 

Often you may add a user and manager to a list item and then remove another group i.e. Intranet Members. In the current functionality this would break as they would of never been added.

 

Stop sharing - should be renamed to be clearer to match SharePoint interface i.e. Stop Inheriting Permissions. - This action also returns 403 forbidden currently. (so i am assuming that is what the action does)

 

There also needs to be a 3rd flow action to remove specific permissions. i.e. the opposite of specific grant action.

 

Plumsail do this in 1 flow action and very easy to use and covers all bases.

 

i.e.

Action Type - Grant or Remove

Target - Site, List, Item, Folder, Document

Role Type - Contribute, Full Control, Read, Design, Edit

SharePoint Site URL: URL to the site

User or Group

If List - Title or URL of the List

if Item - Title or URL of the List and the Item ID

if Folder - Folder URL

if Document - Title or URL of the Library and the Item ID

 

Level: Powered On

@Chakkaradeep 

 

So close and yet so far. It feels like who ever was scoping this has never worked with SharePoint workflows using SharePoint designer and used the built in actions for permissions that already existed. We need at least those same actions if we want to transition existing workflows over to Flow. 

 

The most important action for me was "replace permissions" which broke the inheritance, removed everything existing, and allowed you to specify what the new full set of permissions for that item looked like. It was a single action. 

 

Also, we NEED to be able to work with (add/remove) SharePoint Groups, not just users. 

 

We can already access this functionality via rest-api calls using the send http request sharepoint action, but they're very very time consuming to set up and troubleshoot compared to the SharePoint designer actions we're all coming from.

 

If you need help figuring out how to move forward with this, please contact me, I'd be happy to work with you to make sure this is going to fit the needs of the people who are transitioning business processes that have already been established. I can provide examples of all the various situations these things are used for.