My workflow tasks contain links to sensitive documents, so there is a requirement to restrict access to this information - i.e. remove the possibility that someone could navigate to the task list, open a task and then open any of the linked documents. I don't know who the tasks are going to be assigned to up front (assignees are chosen in the submission form and task forms) so I can't restrict task list access to a specific group.
- My first thought was to run a workflow on new items in the task list to set item level permissions, but it turns out I can't initiate a workflow on the task list when a new item is created by another (i.e. my primary) workflow.
- My second thought was to hide fields in the task based on the current user (e.g. hide field if Var Approver does not contain Current User), but I've run a bunch of tests without success and I'm guessing the Contains formula only works with a text value (vs the Current User reference).
Is there another way I can restrict access to the task form (or parts of the text form) based on to whom the task is assigned?