List permission for user to add attachments

Frequent Contributor



I created a custom permission level by making a copy of the "Contribute".


I left everything as is except for unchecking the "delete items" and "edit items" on the list permissions.


The idea would be that a user can add and item to a list but not edit or delete.


Everything works as expected except that when the user tried to add an item with attachments they get an "access denied". If I go back in the permission level and check "Edit Items" they can add attachement to the item.


Just wondering is there anyway around this to allow the user to add ( with attachments) but not edit or delete.



7 Replies
I'm afraid there is not workaround here...if that's the combination of individual permissions that works for you, then you are done
Gonna have a tough time splitting that [permissions] hair based on the way SP manages attachments: they are added as uploads to a folder related to the parent item. Believe a reference to the attachment folder is made in a column/cell/value on the parent item row in the process, hence why they still need to edit.

I would look toward creating a related library for the item rather than using attachments for this use case. Modifying the parent item form with a view of the related child items and adding some JS to assist in the child item linkage.
Maybe consider this (hacking together a solution)

Give the user edit rights, when a new item is created, run a workflow to change the content type. Have one content type show the fields the user can enter, have the second content type show only calculated fields displaying the values selected by the user, or maybe just merge the fields into a "multiple lines of text field" that gets regenerated every time the item is edited. In the second content type, set all the fields to "hidden". And turn off "quick edit" on the list.

This would prevent them from changing what they initially entered on the new form, but still having the ability to add attachments and not delete.
obfuscation is not ...


The only way I've seen this accomplished is through workflow.  Users either add an item to one list where they have RW access and then a workflow copies it to another list where they have RO access. Or users add an item to the list and then have a workflow change the item permissions to RO.  But there is no way to do this using permissions alone.

Thanks to all for the suggestions.


It will give me something to move forward with.



Is there any solution for this yet ?