Solved

Changing SharePoint 2010 Document Permissions with Workflow

Posted on 2011-03-03
6
1,178 Views
Last Modified: 2012-05-11
We have a list that contains Word documents and each document has a Managed Metadata column which lists the Owner of that Word document. I would like to create a workflow that starts when a new Word document is added to the list, to lookup the Owner in the Managed Metadata column and change the permissions of the document. I would like it to have the document stop inheriting permissions from parent and grant that document Owner Contribute access.

I have all of the owner lookups and everything done but am having trouble with the permission aspect of it. I am trying to do all of this through SPD2010 with no custom-coding. I downloaded a WSP which allows me to Grant and Delete specific permissions on documents but it doesn't work because the document is still set to inherit permission from its parent.

Is there a way through the workflow to tell the document to stop inheriting permissions from its parent? Or is there a doc library setting which will have all of the documents it contains NOT inherit its permissions?
0
Comment
Question by:ICG
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 3

Expert Comment

by:AndrewSkoraro
ID: 35029520
I think you may have run into a road block.  I can make a recommendation.  You could create and event handler to make the appropriate modifications after the new item has been created.  This would allow you the functionality and still use your current work flow.  Events for SharePoint are very easy to create and deploy, but do require coding and packaging.  
0
 
LVL 1

Accepted Solution

by:
ICG earned 0 total points
ID: 35029548
I actually just figured it out. It is an OOTB solution built-into SPD2010. If you use an Impersonation Step, you can replace the list item permissions.
0
 
LVL 15

Expert Comment

by:dp_expert
ID: 35034392
One important remark:

SharePoint does not handle high permissions granuality too well. If you have more than three hundred of documents and around 3-4 permission settings per document then you can run into a serious problems.

See here for more details http://msdn.microsoft.com/en-us/library/cc262787.aspx (look for "Security scope") - you can see that exceeding this treshold will affect your entire farm. We had this problem with one implementation and we could not reverse the damage.
0
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

 
LVL 1

Author Comment

by:ICG
ID: 35058569
Thank you for pointing this out! Luckily, this library only holds around 60 Word documents right now and only two permission settings per document.

I will bring this up to the team though so we can plan going forward.

What did you end up doing to counter the issue?
0
 
LVL 15

Expert Comment

by:dp_expert
ID: 35058608
We had to setup the farm again. Then we had created folders for each permission group. Fortunatelly we were able to define a separate set of permissions so we ended up with 6 folders and setting up the permissions for these folders. Items in folders would inherit the permissions so the permission inheritance would be broken only for 6 items (the folders).
In a case where you whould have 300 users and each of these users could have different permissions to document it would be imposible to implement OOB - it would require some custom coding.
0
 
LVL 1

Author Closing Comment

by:ICG
ID: 35067813
Discovered on own.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
In case you ever have to remove a faulty web part from a page , add the following to the end of the page url ?contents=1
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question