SharePoint Group

To discuss and share about SharePoint and .NET learning and development experiences

How to use work flow to change list item permissions by SharePoint Designer 2010

Image

Question from user requirement:

  • Want to have a “Buy and Sell” list using SharePoint 2010 Discussion Board Template.
  • All the users should be able to create a post, reply a post or attach images or other files.But, only the owners can delete their posts.

Solution:

1. Create a Active Directory Group “G-Visitor” to hold all the users. It is necessary to manage the users by AD group

2. Create two permission levels: “Post Reply” and “Post Contributor”

2.1  Create “Post Reply”

  • Click “Site Permission”->”Permission Levels”
  • Select “Read” permission level, go to very end to click “copy permission level”
  • Fill out the name as “Post Reply”, fill out the description
  • In “list permissions” section, click “Add item” permission
  • Click create

2.2  Create “Post Contributor”

  • click “Site Permission”->”Permission Levels”
  • Select “Contribute” permission level, go to very end to click “copy permission level”
  • Fill out the name as “Post Contributor”, fill out the description.
  • Remove unnecessary permissions
  • Click create

3. Create a document library using “Asset Library” template

  • At “Library Permissions”, click “Stop inheriting permissions”
  • Remove other user permissions by selecting the unused users/groups, then clicking “remove user permissions”
  • Click “grant permissions”, then give “G-Visitor” the “Contribute” permission

  4.Create a list based on discussion board template

4.1 List level permission setting  

  •     At “List Permissions”, click “Stop inheriting permissions”
  •     Remove other user permissions by selecting the unused users/groups, then clicking “remove user permissions”
  •     Click “grant permissions”, then give “G-Visitor” the “Post Contributor” permission

4.2 List item level permission setting
this step has two options
4.2.1 easy way

  •     at “List setting”->”Advanced settings”->”Item-level permissions” section->”Create and Edit access”
  •     click “Create items and edit items that were created by the user”
  •     done

problem: users can’t delete others’ posts, however the “delete item” button still display.
when users click the button for others’ posts, an error happens.
4.2.2 Work Flow way
open the share point designer 2010, click “list/library”-> select the “Buy and Sell” list,
then click “list work flow” to create a list work flow
4.2.2.1  Add “impersonate step” * this step is very important *
because this list work flow going to change user permission, so we need the work flow running under author’s permission
click the very top, there is a bar, then you will see the “impersonate step” button high lighted, then add
4.2.2.2 Remove G-Visitor’s “Post Contributor” permission in item level

  •             Click “Action”->in “List Actions” section, click “Remove list item permissions”
  •             In the work flow diagram, “Remove these permissions from item in this list” will display
  •             Click “these permissions” link, in the “Remove list item permission” window, click “Add”
  •             Click “Choose”, then select “G-Visitor”, click “Add>>” then click “OK”
  •             In “choose permission to remove”, select “Post Contributor”
  •             Click “OK”
  •             Click “this list” link, select “current item”, click “OK”

4.2.2.3 Replace G-Visitor as “Post Reply” permission in item level

  •             Click “Action”->in “List Actions” section, click “Replace list item permissions”
  •             In the work flow diagram, “Replace these permissions from item in this list” will display
  •             Click “these permissions” link, in the “Replace list item permission” window, click “Add”
  •             Click “Choose”, then select “G-Visitor”, click “Add>>” then click “OK”
  •             In “choose permission to grant”, select “Post Reply”
  •             Click “OK”
  •             Click “this list” link, select “current item”, click “OK”

4.2.2.4 Add current post owner as “Post Contributor” permission in item level

  •             Click “Action”->in “List Actions” section, click “Add list item permissions”
  •             In the work flow diagram, “Add these permissions from item in this list” will display
  •             Click “these permissions” link, in the “Add list item permission” window, click “Add”
  •             Click “Choose”, then select “User who created current item”, click “Add>>” then click “OK”
  •             In “choose permission to grant”, select “Post Contributor”
  •             Click “OK”
  •             Click “this list” link, select “current item”, click “OK”

Done

About these ads

7 responses to “How to use work flow to change list item permissions by SharePoint Designer 2010

  1. kmtaotao May 10, 2012 at 8:26 pm

    Great one!

  2. Giorgos October 17, 2012 at 1:05 pm

    What I would like to do the same but also to restrict NOT owners to read post (not reading one each other’s post) and only ONE user, reading and >>REPLYING<< to any others post.. ive tried the "Read items that were created by the user" option, but that way it is impossible for the owner to see the ONE USER's reply…..

    • terrychen0123 October 17, 2012 at 1:20 pm

      Giorgos, did you break the permission inheritance? By the way, you can try lower the owner’s permission to different permission level, which can’t read the posts.
      Hope it helps.

  3. Matthew Carter January 21, 2013 at 7:24 pm

    Thank you for posting this. It is great to be able to walk through this to setup an internal buying and selling list / discussion list. One issue I have is that I don’t know how to associate / link image previews with the discussions to have the asset library and the dicussion list work together. Did I miss something? Thank you again!

    • terrychen0123 January 22, 2013 at 1:39 am

      If you use document library to store the images, SharePoint will automatically generate the image preview, as well as the link associated with your original image.
      However, in this solution, you have to create a library to store the images, which I think is too much for this app.
      Plus, the image preview is the same size of your original image.
      That is why I came out another version that directly save the images in the attachment of the discussion board.
      I have another event handler to generate the thumbnail and save it in the attachment as well.
      Then I use JQuery to show the thumbnail of the images, as well as provide the original link of the image.
      In addition, I use another Javascipt library, called colorbox to have a gallery to disply the images.
      If you are interested in this topic, I will write another article for the detail implementation.

  4. Sp February 6, 2013 at 12:27 pm

    Hello
    How can i give permission reassign task user

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: