I have built a Nintex vehicle request form with a simple manager approval workflow.
The problem I'm having is that the Approver (manager) is only able to approve the form if I select "create and edit all items" in the SharePoint list item-level permissions settings. This means that the Approver can see ALL items in the list. If I change this setting to "create items and edit items that were created by the user", then the Approver receives an error when he tries to approve the workflow task ("sorry something went wrong, an unexpected error has occurred").
I cannot find a way around this. I tried adding a 'set item permissions' action in the workflow to assign the Approver 'approve' access on the current item, but the error still remains (even though this action does in fact correctly update the item permissions).
Any help would be greatly appreciated. I have searched extensively through these discussions and cannot find a solution. (I have also given all users contribute access to the workflow task list in SharePoint, and ensured the subsite is published with all users having read access).
The "create items and edit items that were created by the user" setting is stricter than item-level permissions.
Once you disable edit access with the setting, you cannot grant it back by adding item permissions.
So you will have to use the "create and edit all items" setting and then remove edit rights from users that are not managers/approvers within the workflow.
My apologies but I realise I've given the wrong information above. In the SharePoint list item-level permissions settings, under Read Access, I have selected "Read all items" (see screenshot). This means that everyone can see ALL items in the list if they have the URL. If I change this setting to "Read items that were created by the user" then the Approver gets the error when he tries to approve "sorry something went wrong, an unexpected error has occurred".
Even by adding a 'set item permissions' action in the workflow to give the Approver 'approve' access, it still won't work.
Any help would be greatly appreciated.
Cassy, the error is "sorry something went wrong, an unexpected error has occurred" (even though I know it's a permissions issue).
And yes everyone has read access to the site that hosts the SharePoint list, and everyone has contribute access on the list itself.
I faced a similar issue. I have a list where users must only see their own items, and tried using the same settings as you, because my first solution was to remove all item permissions and then set them explicitly for the user in question. But from the time the item was created to the time the workflow started and permissions were set, all users could see the item.
Then I tried the "....by user" list setting and I faced the same issues as you do, and I ended up back at read/create/edit all items (list default) and rely solely on setting item permission as the absolute first thing.
Apart from this setting, you still need to grant the approver at least read permissions on the source list and at least read permissions on the item being approved,
plus edit permissions on the workflow task list.
Do you have it configured this way?
Yes, on the source list everyone has 'contribute' permissions. On the workflow task list everyone has 'approve' access. The issue seems related to the list item-level permissions...'Read items that were created by the user' seems to take precedence over everything else. Here's a few screens (Note the Visitors group contains all staff):
It seems you had the same problem. When you say ...'and rely solely on setting item permission as the absolute first thing' could you please elaborate on what you did. Do you now have a working solution?
Here's a few screens of my workflow:
You seem to have some custom permission level 'Approve'; could you share what rights exactly it includes?
Can you try 'Check permission' on the source list, an item to approve and the workflow task list for a single approver?