In Sharepoint 2013, I have problems with my permissions on my site that runs a nintex workflow only when a new item is created/added. Information integrity is important to us and we dont want our users to edit the item they created, if they made a mistake they must make a new item for a new workflow to start.
Our problem is that some users need permissions high enough to answer tasks for our workflow (we have them at 'Contribute' level) but those permissions are also high enough to allow them to edit their item after wards with the quick edit.
What can we do to have our permissions levels more specialized? In general, only a few trusted people can edit items (there are some parts that need manual edit). What we want is:
- A group that allows new items creation (therefore a new workflow run) but no item edit/delete permissions
- A group that can answer workflow tasks but no item edit/delete permissions
- A group that is just for viewing, with no item edit/delete/add permissions
- A group with high enough permissions to allow all the above mentioned.
What are the permissions we must assign? Do new groups must be created? What rules must we apply to those groups to work as intended?
If you need more information, please ask. I am not sure how much information you guys need.
I have seen some posts regarding permissions but so far they havent been that helpful.