Dynamic assignment of permissions to a new item in a list or library

[MikeInventure]

We have built an InfoPath form for our HR dept to use for employee terminations, and we are going to use it as part of an entire workflow that gets built around it with a proper IA, but for now we are going for the “low hanging” fruit of just deploying the form to a SP library and just using the emailing of links instead of emailing multiple copies of the form around to get it filled out.

Since termination is intrinsically a very confidential process, when an instance of the InfoPath termination form is created for a specific termination, HR wants only the manager that creates the form to have any access to it. The security trimming features of SP will not even allow others to see that it exists, which is the perfect situation. In order to achieve this, the inherited permissions of the library must be broken at the time of creation of the form instance, and be replaced with permissions for the manager who instantiated the form, along with permissions for the SP group of HR clerks who will process the termination. This requires the name of the currently logged on user to be dynamically retrieved and be used to alter the permissions on the newly created instance of the form.

We’re wondering if it’s possible to do this using the SP interface or SP designer, without having to crack open Visual Studio to dig into the code.

 

[daissyy]

Hi, MikeInventure,

I think you can make the column [manager](which means all the people that reside in the column)have full control permission to the item he resides. And other kind of users(also can be represented by some columns, like[created by]etc.) have read-only permission or have no permission to the item he resides.

I guess without code digging you can not achieve this using SP interface or SP designer. And there is a fit solution for you:

http://www.sharepointboost.com/permissionworkflow.html

Hope this can help you!