A flow should be able to change the permission of an item in a SharePoint List/document library; this is a very popular pattern in Sharepoint workflows
The following two actions should now be available:
1. Grant access to an item or a folder
2. Stop sharing an item or folder
Please check out these new actions in the SharePoint connector and let us know if you have any feedback!
@sergeluca -- Thanks for the info about this being on the Flow roadmap. I looked at the most recent release notes and checked out the roadmap, but I don't see it anywhere. Can you share a link of where you found this on their roadmap?
We recognize the high value of this ask, and are evaluating dependencies and timelines for roll-out. I'll keep you posted here as roadmap planning progresses.
This is just newspeak for 'we will keep pushing this forward for years on end', isn't it?
Yes we need this absolutely. Please get this enabled sooner than later. Thanks
Has this gone anywhere? We are in process of trying to migrate out of InfoPath over to PowerApps, and we definetly need a replacement for a SP worklfow changing item level perms?
@scmiles-It's possible to implement this using the SharePoint HTTP Connector in Flow today. It just requires more work than having the capability out of the box.
As a stop-gap, I found this article and procedure. I have not tested or validated. @scmiles https://noellawlor.wordpress.com/2018/01/18/setting-sharepoint-item-list-permissions-with-flow/
Even though this can be done in Flow, it is needed often enough that having this as a core action seems like a no-brainer. Can anyone at Microsoft provide an update on this highly requested feature? 🙂
Thanks @sergeluca, workaround works perfect for manage SP list item permissions in MS Flow - https://sergeluca.wordpress.com/2018/05/03/assign-unique-permissions-to-a-document-with-the-new-send....
In my solution I created REST flow (trigger When a HTTP request is received) and pushing parameters: site address, list name, item id, permission level, user/group email and flowID. Actions: breaking inheritance and assigning new permissions are in this REST flow. When you need to set up item level permission, you call this HTTP triggered flow and push paramaters. You can use it across your solutions which provides you more modular concept for your flows and you can build some logic around it.
If you have custom permission levels, here is described how to get the role id: http://www.benprins.net/2017/01/23/sharepoint-get-the-role-id/
EDIT: Securing your REST Flows against unauthorized access: https://www.about365.nl/2018/11/13/securing-your-http-request-trigger-in-flow/ Flow updated.
@Marek1 Are you doing anything special to prevent a user that gets their hands on the post-url from elevating their own priveleges?