Hello,
I would like to set list permission (not list item).
How can i do that with Nintex Workflow in O365 ?
Thanks in advance
Answer
Manage list permission
+3Best answer by navik
Thanks for your response.
So I did three HTTP requests :
1] Get my group ID :
GET
<site_url> /_api/web/sitegroups?$select=Id,Title&$filter=Title eq '<GroupName>'
2] Break role inheritance on my list :
POST
<site_url> /_api/web/Lists/Getbytitle('<ListName>')/breakroleinheritance(true)
3] Add my group permission to this list :
POST
<site_url> /_api/web/Lists/Getbytitle('<ListName>')/roleassignments/addroleassignment(principalid=<GroupID>,roledefid=<RoleDefinitionID>)
Note : Thanks to 'SviPullo' SviPullo: SharePoint RoleDefinition Ids
Role Definition Name | Role Definition Id
Full Control 1073741829
Design 1073741828
Edit 1073741830
Contribute 1073741827
Read 1073741826
View Only 1073741924
Currently there's no an action to do this, but with some work you could use the action to call a web service and user the REST SharePoint methods.
Something similar to this >>> Set custom permissions on a list by using the REST interface | Microsoft Docs
+3Thanks for your response.
So I did three HTTP requests :
1] Get my group ID :
GET
<site_url> /_api/web/sitegroups?$select=Id,Title&$filter=Title eq '<GroupName>'
2] Break role inheritance on my list :
POST
<site_url> /_api/web/Lists/Getbytitle('<ListName>')/breakroleinheritance(true)
3] Add my group permission to this list :
POST
<site_url> /_api/web/Lists/Getbytitle('<ListName>')/roleassignments/addroleassignment(principalid=<GroupID>,roledefid=<RoleDefinitionID>)
Note : Thanks to 'SviPullo' SviPullo: SharePoint RoleDefinition Ids
Role Definition Name | Role Definition Id
Full Control 1073741829
Design 1073741828
Edit 1073741830
Contribute 1073741827
Read 1073741826
View Only 1073741924
+3Yes this approach work fine 
.
Can you send a user voice to your engineer service, to add this new action "Set List permission" ?
It's important for us and our clients to manage list permission fastly, so if the Nintex product can do this, it will be great !
+5Hi, I was curious if this method could be used to set permissions on a single list item. We cannot use the O365 update item permissions action due to the password being unencrypted.
Thanks
+3Yes you can use this method but see the difference in the second request below :
1 - <site_url> /_api/web/Lists/Getbytitle('<ListName>')/items('<id_item>')/breakroleinheritance(copyRoleAssignments=false, clearSubscopes=true)
2 - <site_url> /_api/web/Lists/Getbytitle('<ListName>')/items('<id_item>')/roleassignments/addroleassignment(principalid=<GroupID>,roledefid=<RoleDefinitionID>)
+5Thanks Ivan for taking the time to help me out.
I see in #1 that the inheritance is being cleared out on an item in a list.
In #2 it looks like the assignment is being added back in but for a group not for an individual user name.
For example if I wanted to break the perms and then set the perms on a list named testlist to read only on a single list item for myself it would look like this?
1 - ')/roleassignments/addroleassignment(principalid=stirns,roledefid=1073741826)
Thanks
Steve
+3To add the current user or another user permission to the list item , if i see the documentation of Microsoft, you can put the UserID or GroupID.
So for example :
/roleassignments/addroleassignment(principalid=XXX,roledefid=1073741826)
Get the UserID by LoginName :
If you don't have the information of your UserID but only LoginName, you need to do a call HTTP GET, to get the UserID by your LoginName.
HTTP GET
<site_url>/_api/web/siteusers(@v)?@v=%27i%3A0%23.f%7Cmembership%7Cjohn.doe%40contoso.onmicrosoft.com%27
WARNING : You need to have the LoginName Encoded ! Very Important ! If not, don't work !
Example :
i:0#.f|membership|john.doe@contoso.onmicrosoft.com
to
%27i%3A0%23.f%7Cmembership%7Cjohn.doe%40contoso.onmicrosoft.com%27
Voilà !
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.