May 10 2022 06:28 AM
Hi all,
I have a SharePoint list and want to achieve the following:
Every user should be able to enter a new item. In addition, every user should be able to comment on the item he/she sees (I do not really care if the option to edit comes with that).
Where it's getting tricky are the permissions:
There are three user groups: GroupA, GroupB and GroupC. GroupA are admins with full unrestricted access. GroupB and GroupC are groups which share most but not all data. So I want a way that the user can choose who is able to access (comment, maybe edit) the item which he/she creates.
Example: If UserB in GroupB creates a new list item, he can choose that the item is available to GroupB and GroupC. Both groups can see and comment on the item. Then, e.g., UserC of GroupC creates an item but restricts that to only GroupC. This means that GroupC can view and comment on the item, while GroupB does not see the item. They do not even know that it exists.
So in the end, I need an option to set access for the different user groups on every item without being an administrator.
I'm open to any solution, either with default SharePoint tools or with additional Power Automate flows in it. Do you have an idea how to realize this?
Thanks for any hint.
May 16 2022 02:43 AM
@ftfaul, below you can find a possible approach.
Important Note: SharePoint OOTB is not designed to provide this flexibility in terms of Group permission at item level. Please do a very extensive test phase to avoid security breaches.
The View/Edit part
<Where>
  <Membership Type="CurrentUserGroups">
    <FieldRef Name="VisibleToGroup"/>
  </Membership>
</Where>
The Permissions part
Last Note: The Automation part does not include a rollback scenario. You have to set up a proper Governance to ensure users are removed from Groups A, B, C when their job is done (maybe an additional Power Automate flow that runs at the end of every month and resets the permissions to the initial state).
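Added example, not part of the original reply: a PnP PowerShell audit for the test phase the note above asks for. A view filter only hides rows, so the script compares each item's actual role assignments with its VisibleToGroup value. Assumptions: the site URL, list name and client ID are placeholders, VisibleToGroup is a Person or Group column holding SharePoint groups, and the site uses English role names.

```powershell
# Added audit example. Placeholders (not from the thread): site URL, list name, client ID.
$SiteUrl    = 'https://contoso.sharepoint.com/sites/example'
$ListName   = 'ExampleList'
$ClientId   = '<entra-app-client-id>'
$AdminGroup = 'GroupA'   # admins with full access, per the question

Connect-PnPOnline -Url $SiteUrl -Interactive -ClientId $ClientId

$findings = foreach ($item in Get-PnPListItem -List $ListName -PageSize 500) {
    # Security properties are not loaded by default; request them explicitly.
    Get-PnPProperty -ClientObject $item -Property HasUniqueRoleAssignments, RoleAssignments | Out-Null

    # Groups the creator selected (assumes a Person or Group column).
    $intended = @($item['VisibleToGroup'] | Where-Object { $_ } | ForEach-Object { $_.LookupValue })

    if (-not $item.HasUniqueRoleAssignments) {
        # Inheritance was never broken: anyone with list-level read access can
        # still open the item, whatever the view shows.
        [pscustomobject]@{
            ItemId = $item.Id; Issue = 'InheritsListPermissions'
            Principal = ''; Roles = ''; Intended = $intended -join ';'
        }
        continue
    }

    foreach ($ra in $item.RoleAssignments) {
        Get-PnPProperty -ClientObject $ra -Property Member, RoleDefinitionBindings | Out-Null

        # "Limited Access" alone grants no rights on the item itself.
        $roles = @($ra.RoleDefinitionBindings |
            Where-Object { $_.Name -ne 'Limited Access' } |
            ForEach-Object { $_.Name })
        if ($roles.Count -eq 0) { continue }

        # Any principal other than the admins or the selected groups is reported
        # for review (this includes directly assigned users such as the creator).
        $name = $ra.Member.Title
        if ($name -ne $AdminGroup -and $name -notin $intended) {
            [pscustomobject]@{
                ItemId = $item.Id; Issue = 'UnexpectedPrincipal'
                Principal = $name; Roles = $roles -join ';'; Intended = $intended -join ';'
            }
        }
    }
}

$findings | Format-Table -AutoSize
```

An empty result means every item has unique permissions limited to the admin group and the groups in VisibleToGroup.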