SharePoint 2010 Workflow that sets Unique Permissions
Tasks List, Managers and Departments
A SharePoint Workflows tutorial by Peter Kalmström
an earlier article we created a
workflow that sets unique permissions on new files in a
document library. A similar workflow can be used if
you want to set unique permissions on items in a tasks list.
Here we will show a model that is a bit more advanced, where
people have access to different tasks in a tasks list depending
on which SharePoint group they belong to.
In the demo below Peter Kalmström, CEO and Systems Designer
of kalmstrom.com Business Solutions, uses five departments
that use the same installation of the kalmstrom.com product
Kanban Task Manager as an example.
SharePoint editions of Kanban Task Manager show tasks
from a tasks list as cards on a kanban board, where they
can be moved as work proceeds. By default, all users with
access to the tasks list can see all tasks. Users can of
course filter the tasks and use different views, but for
unique permissions on tasks a 2010 workflow is needed.
Peter gives members of each department permission to see
and edit their own tasks. Only the manager has access to
all tasks on the kanban board.
For this to work, the tasks list needs to have a mandatory
'Department' choice column. Use the extra field that is
available, or rename 'Project' to 'Department'.
The members of each department must also be placed in separate
SharePoint groups with Edit permission on the site, so that
access can be given to each department in a bulk. If there
are multiple managers they should have their own group with
This workflow will work in the same way for other scenarios
where you want to set unique permissions on SharePoint list
Create a SharePoint 2010 workflow that sets unique permissions
- Create a list workflow for the list where you want
to set unique permissions. Select the Platform Type
SharePoint 2010 workflow.
- Click on the Step 1 top banner to make the Impersonation
Step button in the ribbon active. Then add the Impersonation
Step to the workflow.
- Remove Step 1.
- Add the action Replace List Item Permissions to
the Impersonation step.
- Click on
and select Current Item.
- Click on
and then on Add in the dialog that opens.
- Click on Choose in the new dialog.
- Select the Managers group or type in the manager
- Check the box for Full Control and click OK.
- Click on Add again and then on Choose.
- Select Workflow Lookup for a User.
- Keep the source Current Item and select the field
Department. Click OK.
- Check the box for Edit and click OK.
- Set the workflow to start automatically when an
item is created.
- Check, publish and test the workflow. (At publication,
you will have a warning about the impersonation permission.)
Test by creating some tasks and then logging in as manager
and as people from different departments.