SharePoint is not able to have column-level-security which would be great here. Did you try the set workflow status action though? It allows you to set a custom workflow status that can't be manipulated from the user.
Would that help?
Kind regards,
Enrico
Thanks Enrico, I saw that but was unsure what it actually updates. If you set the workflow status to approved with this Action where does it actually show. Where does the user see this?
In the workflow status column. So instead of having it say "Completed", you could add the Set Workflow status as the last action in your workflow, and have it changed to be "Approved".
It is possible to use the set workflow status column as Enrico mentioned, but I generally use the column in a list option because after 60 days values stored in the workflow status column get automatically trimmed by SharePoint (so will be an empty column). With version history enabled, you will be able to see if a user edited their own approval column, so the risk is low to leave it in place. If you really need the value to not be editible, you might consider saving the approval in a separate list. Be sure to share the list id of the item that was approved in that secondary list, as this could be used later to produce some semi-automated reporting.
Brendan, Enrico
Perfect, thanks! That is exactly what I was looking for. I just tested it and it is what I need.
Whatever you write into the action will overwrite the default workflow status column value:
My 3rd element says "Abgeschlossen" which is default completed status in German. The last one is set by using the action.
If you use this column to hold data. Keep in mind that the value will disappear after 60 days because of SharePoint workflow retention settings.
Interesting Jeremy. I didn't realize that the column data would be cleared out after 60 days. Not good. Thanks for the tip! I'm thinking now that I need to create a new document library with restricted permissions called Approved Documents or something to that affect. Once the document is sent for approval and finally approved, I'll have Nintex move the document to the restricted permissions library.