I have noticed that the nintex tasks in o365 can be approved not only by the people who are assigned to the tasks but by any other people. It is a big suprise to me as it wasn't the case in the 2010 on premise licence.
Can you give me a clear explanation on that?
Solved! Go to Solution.
Grzegorz Bukowski what do you mean by saying "by any other people"? I am almost sure that in on-prem SharePoint, both 2010 and 2013 when you have sufficient rights on a task list (contribute) you can see tasks assigned to any user. And yes - you can also mark them as done if needed. But this requires at least contribute permissions.
In the end task list is the same list as any other managed by the same mechanisms - users can work with its items if having proper permissions. You can limit availability of items using views (like when you set a default view to show only those items, where AssignedTo=@me) or to set the "Item-Level Permissions" in the list settings so that users will be able to see only items created by themselves:
However this approach is not right, as tasks for the user in Nintex are not created by the user himself (Created By != Assigned To) but by the Nintex account so the user will not be able to access them.
In the end if you really want to give access to the tasks only for the users who are assigned to then the best way is to break permissions inheritance after you create a task (using Nintex action for setting permissions) and grant access for the assigned to user exclusively but then remember about the unique permissions threshold which is set to 5.000
Like Tomasz Poszytek said, permission mechanism of task list is same as any other list. I have been working with SharePoint tech for last 11 years and this question comes up on almost every SharePoint workflow project : how can I restrict others from viewing my tasks / completing my tasks. This is a fundamental flaw in SharePoint workflows I wish SharePoint has a better permission settings when it comes to workflow tasks. Restricting task to "assigned" person should not be that difficult.
Nintex simply uses SharePoint tasks and does not add another layer of security. But there is a feature missing in O 365 of Nintex. On premises Nintex has a web part called as "My Tasks and My group tasks" which aggregates tasks assigned to a user to a single location. This is missing in O 365. While it is not a security solution, "My Tasks" showed all user tasks and prevented users from going to actual task list where they could see other tasks.
In fact, in on premises Nintex tasks has a custom control that prevents other users than assigned from editing. The only way is delegation in that case. However in O365 there is no such feature...