Set permissions for a SharePoint list item using 2013 Workflow

SharePoint 2013 Logo

Following are the steps to be implemented in a 2013 workflow to set permissions for a SharePoint list item.
This particular method set the permissions for all users in a group with a particular role permission using REST Calls

1. Build Header Dictionary and set to a variable

Name: Accept
Type: String
Value: application/json;odata=verbose

Name: Content-Type
Type: String
Value: application/json;odata=verbose

1. Set “Group ID URL” to a variable

[%Workflow Context:Current Site URL%]_api/Web/SiteGroups/GetByName('Group Name')?$Select=id

2. Set “Role ID URL” to a variable

[%Workflow Context:Current Site URL%]_api/Web/RoleDefinitions/GetByName('Role Name')?$Select=id

3. Set “Break Role Inheritance URL” to a variable

[%Workflow Context:Current Site URL%]_api/Web/Lists/GetByTitle('Library Name')/items([%Current Item:ID%])/BreakRoleInheritance(copyRoleAssignments=false, clearSubacopes=true)

4. Create Response Variables for “Group ID Response”, “Role ID Response”, “Response Headers” & “Response Code” with data type as Dictionary

5. Make GET REST call using Call Action to “Group ID URL” and assign output to above created variables in step 4

6. Use Get Action ‘d/Id’ from above “Group ID Response” variable and set it to a new variable “GroupID”

7. Make GET REST call using Call Action to “Role ID URL” and assign output to above created variables in step 4

8. Use Get Action ‘d/Id’ from above “Role ID Response” variable and set it to a new variable “RoleID”

9. Make POST REST call using Call Action to “Break Role Inheritance URL” and optionally assign output to above created variables in step 4

10. Set “Set Role URL” to a variable

[%Workflow Context:Current Site URL%]_api/Web/Lists/GetByTitle('Library Name')/items([%Current Item:ID%])/RoleAssignments/AddRoleAssignment(principalId=[%Variable:GroupID%],roleDefId=[%Variable:RoleID%])

Add Role:

 AddRoleAssignment(principalId=[%Variable:GroupID%],roleDefId=[%Variable:RoleID%])

Remove Role:

RemoveRoleAssignment(principalId=[%Variable:GroupID%],roleDefId=[%Variable:RoleID%])

11. Make POST REST call using Call Action to “Set Role URL” and optionally assign output to above created variables in step 4

Reference URL: https://msdn.microsoft.com/en-us/library/office/dn531432.aspx


Leave a Reply

Your email address will not be published / Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.