Allow users to view/edit only their list elements created using form

My flow works fine, but I have a problem setting permissions. I would like users to see only their items on the list. But since the item is created from the form using Power Automate on a dedicated user (DMS), I don't know how to grant access to the actual user for his items.

This is my flow:

It will create a new element on the SharePoint list based on a Microsoft Form with an attachment:

The flow is run by a dedicated user called DMS.
Unfortunately, in this case the item in SharePoint is also created by this user (DMS),
so I added an extra column "Osoba" which contains the form responder, "Łukasz Świerżewski" in the example above.

The case is that I want everyone to have access to this list, but I would like people to see only the items they added. By default, the owner of this item is DMS (the flow user), so I think I need to grant permissions based on this created column, but I don't know how to do it.

Changing the SharePoint list options below will not help because the owner of this item is DMS.

I also tried adding permissions after creating the item, but the user still doesn't have permissions if the option above is enabled.

Can anyone help me with this?

2 Replies
I have this exact same problem. Were you able to figure it out?

@NicoleFallen @luke050 

Hope this helps:

Preparations and assumptions regarding your case:

- You are the list owner and you want other users (everyone or a selected security group) to have access to items they created via a form.

- The form involved is shared with everyone or a selected security group.

Site preparation

- Everyone can visit the site

- Add a permission level:

Click on site settings

Click on 'Advanced permission settings', then click on 'Permission Levels'

Add a permission level; I call it 'Add only'

Mark the next settings

Your permissions should look like this

List options and changes:

- List options you do not have to change

- You need to make unique permissions on list level and use the created Add only:

Click on 'List settings'

Click on 'Permissions for this list'

Stop the inheritance

Once you have unique permissions, you remove i.e. the members or visitors (depending on your security scope). In this case I remove both:

Now add a permission, in this example everyone:

Now you should make 2 flows:

  1. Creation flow that creates an item based on form input (automatic flow, when the form is submitted)
  2. Actuator flow to change security (automatic flow, when an item is created)

Creation flow should store user email (who triggered the form) in the item

The Actuator flow should:

- Only be triggered when an item is created (not modified)

step 1: stop sharing item

step 2: grant access to user based on userinfo stored in item (done in the Creation flow)

Important: when testing with a test user (representing Everyone) you should use an InPrivate window or another profile in Edge

The disadvantage of this approach is that there is a slight delay between both flows. For just a short time the item is accessible for everyone. This is in most cases acceptable. Up to you.

Do you want me to work this out in an example? Let me know if you are still struggling.

Bye for now

Roy
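
Because the Actuator flow runs after the Creation flow, an item stays visible to everyone if the second flow is delayed or fails. The audit below is an added example, not part of the reply above; it checks an exported snapshot of item permissions for that case. The record shape, the `FLOW_ACCOUNT` value and the `example.com` addresses are assumptions made for illustration.

```python
"""Audit list items for exposure left behind by the two-flow design."""

FLOW_ACCOUNT = "dms@example.com"  # assumption: login of the flow's service user

# Constructed sample export: one record per list item (hypothetical shape).
SAMPLE_ITEMS = [
    {"id": 1, "submitter": "anna@example.com", "unique_permissions": True,
     "principals": ["anna@example.com", "dms@example.com"]},
    # Actuator flow never ran: item still inherits the list's "everyone" grant.
    {"id": 2, "submitter": "jan@example.com", "unique_permissions": False,
     "principals": ["Everyone", "dms@example.com"]},
    # Access was granted to the wrong person.
    {"id": 3, "submitter": "ewa@example.com", "unique_permissions": True,
     "principals": ["jan@example.com", "dms@example.com"]},
    # Creation flow stored no submitter, so nobody could be granted access.
    {"id": 4, "submitter": "", "unique_permissions": True,
     "principals": ["dms@example.com"]},
]


def audit_item(item, flow_account=FLOW_ACCOUNT):
    """Return a list of findings for one item; an empty list means it is fine."""
    findings = []
    submitter = item["submitter"].strip().lower()
    principals = {p.strip().lower() for p in item["principals"]}
    allowed = {flow_account.lower()}
    if submitter:
        allowed.add(submitter)

    if not item["unique_permissions"]:
        findings.append("still inherits list permissions")
    if not submitter:
        findings.append("no submitter stored")
    elif submitter not in principals:
        findings.append("submitter has no access")
    extra = sorted(principals - allowed)
    if extra:
        findings.append("extra principals: " + ", ".join(extra))
    return findings


def audit(items):
    """Map item id -> findings, for items that have at least one finding."""
    return {i["id"]: f for i in items if (f := audit_item(i))}


if __name__ == "__main__":
    for item_id, findings in audit(SAMPLE_ITEMS).items():
        print(item_id, "; ".join(findings))
```

Run on a schedule, a check like this catches items that stayed exposed beyond the short delay described above.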