No one has responded to this discussion for at least a year, so this information may be out of date. If you're looking for information about this topic, please search for a more recent discussion or post a new question.

Workflow set permissions : User who created item not working as expected

This question has suggested answer(s) This question has suggested answer(s)

I am trying to do a workflow to modify permissions on a newly uploaded document.

It is a re-usable workflow using an impersonation step.

The document library has default permissions for three groups.

I want to remove these permissions on new document and allow only the person who uploaded the document to access it (and the site owners), in an automatic workflow when the document is new.

Removing permissions for the groups works fine.

But the person who uploaded the document cannot access it after the workflow runs (they are a member of one of the groups I remove).

So I thought I would add back permissions for "User who created current item", but this does not seem to have any effect.

I see only the user who is being impersonated as having Full Control.

Can anyone help



All Replies
  • Hi carolchiFBG,
    Thanks for your post here.
    I understand you are creating a workflow that will customize item permissions for each document (only Author will have Contribute Permissions).
    Here I provide you with detailed steps using SharePoint Designer to realize it.
    1.Create a new Document Library.
    2.Go to Document Library Settings > Permissions for this document library, click on Stop Inheriting Permissions command from the ribbon.
    3.Revoke permissions for all but few important groups.
    Note: the above two steps are optional, but workflow is going to be much simpler if there are fewer permissions to manage.
    4.Open your site in SharePoint Designer, and select Workflows option and your list from the ribbon.
    5.Type the name for the new workflow.
    6.Insert a new Impersonation Step. This special step runs each activity as workflow author.
    7.Make sure workflow author (you) has proper privileges to manage permissions for this list.
    8.From the list of workflow actions choose Replace Item Permissions, click Replace these permissions.
    9.In the dialog click Add, in the Choose permission to grant dialog click Contribute, and then click Choose… button.
    10.Add User who created current item to the Selected users list. 
    11.Click the workflow name to manage workflow settings.
    12.Make sure you have selected the correct Start Options.
    13.Publish your workflow
    We recommend that you follow the above steps to renew a workflow to see if it works. If there’s any confusion, feel free to contact me here.
    Ella Huang
  • Thank you for this exact description of what I have already done.

    My question is about the way the "User who created item" permission is applied. In my environment this permission is not applied  correctly.

    The user who writes the workflow is give permissions, NOT the user who uploads the document.

    If a user other than the workflow writer uploads a document, they see if for a few seconds and then they can no longer access it. The document is uploaded but only the workflow author has access to it.

    I have resolved this by adding permissions for the user who last modified the item - this works as expected.

    HOWEVER I want to understand why the "user who created the item" does not work as expected.

  • Hi carolchiFBG,

    I’m glad to hear the problem is resolved by “adding permissions for the user who last modified the item”. Based on my experience, the problem should be caused  the Impersonation Step inserted would run as the author who last edit the workflow, but not the user who started the workflow.

    Evan Zhang

  • Hi carolchiFBG,
    I’d like to follow the issue you posted previously. Have you successfully resolved it?
    I will keep monitoring your case for several days. If there are any other questions, please feel free to post here.
    Ella Huang