cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
antonkhrit
Advocate I
‎02-06-2018 10:00 AM

Set SharePoint item level permissions (break role inheritance, assign permissions) by Microsoft Flow

This article will show how to use Microsoft Flow to break role inheritance and grant permissions on the list item for the user and for specific SharePoint group.

 

In this case, I'm using a few variant of the ‘Change Permissions’ action from Plumasail SP connector, which is a part of Plumsail Actions.

 

Before starting, ensure that you added Plumsail SP connector to Microsoft Flow.

 

This example will show a simple case of business traveling system when a user can create a new request on the business travel as the item in SharePoint list (‘Business Travel Requests‘), specify the requester of the business trip the locations of his business trip, the date of departure and the date of return. Once it is done, the flow breaks the permissions inheritance for the new item and grant permissions for the user that was specified as the requester and for ‘Travel Managers‘ SharePoint group that contains managers who response for business trips.

 

This article is divided to stages:

  • Create SharePoint list
  • Configure Microsoft Flow
 
Create SharePoint list

 

At this stage it was created the new SharePoint list ‘Business Travel Requests’ with following structure:

  • Requester – "Person or Group" field. The user who requests a business trip.
  • Date of Departure – "Date and Time" field. The date of beginning a business trip.
  • Date of Return - "Date and Time" field. The date of ending a business trip.
  • Location - Text field. The destination of a business trip.

This is how the new form looks like:

 

set-permissions-list-new-item.png

 

Configure Microsoft Flow

 

At this stage was created a flow and configured it to start on list item creation for ‘Business Travel Requests’ list. You can find more information about specific parameters of the flow actions in the documentation .

 

The complete flow is below:

 

Microsoft Flow

 

As you can see I used ‘When an item is created’ trigger from ‘SharePoint’ connector and three ‘Change Permissions’ actions.

 
When an item is created

 

At this step I specify values for ‘Site Address’ and ‘List Name’ fields to bind the flow to the ‘Business Travel Requests‘ list.

 
Remove all permissions from item

 

It is a ‘Change Permissions’ action. In this action, I firstly choose ‘RemoveAll’ value for ‘Action type’ field and ‘Item’ value for ‘Target’ field.

 

Then others fields of the form generated automatically based on my parameters.

 

After that, I specified value of ‘Item ID‘ field as ‘ID‘ parameter from ‘When an item is created‘, ‘List name’ as the name of my list with business travel requests (‘Business Travel Requests‘) and specify the URL of the site as the value for ‘SharePoint Site URL‘ field.

 

Grant permissions on item for Requester

 

It is another ‘Change Permissions’ action for granting permissions on the new item for user that was specified as the requester. In this action, I firstly choose ‘Grant’ value for ‘Action type’ field and ‘Item’ value for ‘Target’ field.

 

Then others fields of the form generated automatically based on my parameters.

 

After that, I specified value of ‘Item ID‘ field as ‘ID‘ parameter from ‘When an item is created‘, ‘List name’ as the name of my list with business travel requests (‘Business Travel Requests‘) and specify the URL of the site as the value for ‘SharePoint Site URL‘ field. Next, I specified ‘Role type‘field as ‘Contribute’ and the value of the parameter ‘Requester Email’ from ‘When an item is created‘ as the value of ‘User or group’ field. Also, I specified the URL of the site as the value for ‘SharePoint Site URL‘ field.

 
Grant permissions on item to "Travel Managers" group

 

It is another ‘Change Permissions’ action for granting permissions on the new item for ‘Travel Managers‘ SharePoint group that contains managers who response for business trips.

 

In this action, I firstly choose ‘Grant’ value for ‘Action type’ field and ‘Item’ value for ‘Target’ field.

 

Then others fields of the form generated automatically based on my parameters.

 

After that, I specified value of ‘Item ID‘ field as ‘ID‘ parameter from ‘When an item is created‘, ‘List name’ as the name of my list with business travel requests (‘Business Travel Requests‘) and specify the URL of the site as the value for ‘SharePoint Site URL‘ field. Next, I specified ‘Role type‘field as ‘Contribute’ and the name of the group ‘Travel Managers’*as the value of *‘User or group’ field. Also, I specified the URL of the site as the value for ‘SharePoint Site URL‘ field.

 

That is all, the flow is configured.

 

This post was orignially published here.

Labels:
Comments
About the Author
  • Experienced Consultant with a demonstrated history of working in the information technology and services industry. Skilled in Office 365, Azure, SharePoint Online, PowerShell, Nintex, K2, SharePoint Designer workflow automation, PowerApps, Microsoft Flow, PowerShell, Active Directory, Operating Systems, Networking, and JavaScript. Strong consulting professional with a Bachelor of Engineering (B.E.) focused in Information Technology from Mumbai University.
  • I am a Microsoft Business Applications MVP and a Senior Manager at EY. I am a technology enthusiast and problem solver. I work/speak/blog/Vlog on Microsoft technology, including Office 365, Power Apps, Power Automate, SharePoint, and Teams Etc. I am helping global clients on Power Platform adoption and empowering them with Power Platform possibilities, capabilities, and easiness. I am a leader of the Houston Power Platform User Group and Power Automate community superuser. I love traveling , exploring new places, and meeting people from different cultures.
  • Read more about me and my achievements at: https://ganeshsanapblogs.wordpress.com/about MCT | SharePoint, Microsoft 365 and Power Platform Consultant | Contributor on SharePoint StackExchange, MSFT Techcommunity
  • Encodian Owner / Founder - Ex Microsoft Consulting Services - Architect / Developer - 20 years in SharePoint - PowerPlatform Fan
  • Founder of SKILLFUL SARDINE, a company focused on productivity and the Power Platform. You can find me on LinkedIn: https://linkedin.com/in/manueltgomes and twitter http://twitter.com/manueltgomes. I also write at https://www.manueltgomes.com, so if you want some Power Automate, SharePoint or Power Apps content I'm your guy 🙂
  • I am the Owner/Principal Architect at Don't Pa..Panic Consulting. I've been working in the information technology industry for over 30 years, and have played key roles in several enterprise SharePoint architectural design review, Intranet deployment, application development, and migration projects. I've been a Microsoft Most Valuable Professional (MVP) 15 consecutive years and am also a Microsoft Certified SharePoint Masters (MCSM) since 2013.
  • Big fan of Power Platform technologies and implemented many solutions.
  • Passionate #Programmer #SharePoint #SPFx #M365 #Power Platform| Microsoft MVP | SharePoint StackOverflow, Github, PnP contributor
  • Web site – https://kamdaryash.wordpress.com Youtube channel - https://www.youtube.com/channel/UCM149rFkLNgerSvgDVeYTZQ/