Forum Discussion
Allow users to view/edit only their list elements created using form
My flow works fine, but I have a problem setting permissions. I would like users to see only their items on the list. But since the item is created from the form using Power Automate by a dedicated user (DMS), I don't know how to grant access to the actual user for his items.
This is my flow:
It will create a new element on a SharePoint list based on a Microsoft Form with an attachment:
The flow is run by a dedicated user called DMS.
Unfortunately, in this case the item in SharePoint is also created by this user (DMS).
So I added an extra column "Osoba" which contains the form responder, "Łukasz Świerżewski" in the example above.
The case is that I want everyone to have access to this list, but I would like people to see only the items they added. By default, the owner of this item is DMS (the flow user), so I think I need to grant permissions based on this created column, but I don't know how to do it.
Changing the SharePoint list options below will not help because the owner of this item is DMS.
I also tried adding permissions after creating the item, but the user still doesn't have permissions if the option above is enabled.
Can anyone help me with this?
- NicoleFallen (Copper Contributor)
I have this exact same problem. Were you able to figure it out?
- Roy_Drissen (Copper Contributor)
Hope this helps:
Preparations and assumptions regarding your case:
- you are list owner and you want other users (everyone or a selected security group) to have access to items they created via a form.
- the form involved is shared with everyone or a selected security group.
Site preparation
- Everyone can visit site
- Add a permission level:
Click on site settings
click on 'Advanced permission settings', click on 'Permission Levels'
Add a permission level, I call it 'Add only'
Mark the next settings
Your permissions should look like this
List options and changes:
- List options you do not have to change
- You need to make unique permissions on list level and use the created Add only:
click on 'List settings'
Click on 'Permissions for this list'
Stop the inheritance
Once you have unique permissions, you remove i.e. the members or visitors (depending on your security scope). In this case I remove both:
Now add a permission, in this example everyone:
Now you should make 2 flows:
- Creation flow that creates item based on form input (automatic flow, when form is submitted)
- Actuator flow to change security (automatic flow, when item is created)
Creation flow should store user email (who triggered the form) in the item
The Actuator flow should:
- Only be triggered when an item is created (not modified)
step 1: stop sharing item
step 2: grant access to user based on userinfo stored in item (done in the Creation flow)
Important: when testing with a test user (representing Everyone) you should use an InPrivate window or another profile in Edge.
The disadvantage of this approach is that there is a slight delay between both flows. For just a short time the item is accessible for everyone. This is in most cases acceptable. Up to you.
You want me to work this out in an example? Let me know if you still are struggling.
Bye for now
Roy
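
The reply above accepts a short window in which a new item is still readable by everyone, and an item stays that way if the Actuator flow fails. The following is an added example, not part of the thread: a PnP PowerShell sweep that lists items still inheriting the list permissions and can optionally lock them down to the responder. It assumes the PnP.PowerShell module with an existing `Connect-PnPOnline` session; the list name `Requests`, the text column `ResponderEmail` (the e-mail stored by the Creation flow) and the `Contribute` permission level are placeholders.

```powershell
# Added example: reconciliation sweep for items the Actuator flow has not secured.
# Assumes Connect-PnPOnline has already been run against the site.
# 'Requests', 'ResponderEmail' and 'Contribute' are placeholder names.
function Repair-ItemOwnerAccess {
    param(
        [string]$List       = 'Requests',
        [string]$EmailField = 'ResponderEmail',
        [string]$Role       = 'Contribute',
        [switch]$Fix                      # without -Fix the function only reports
    )

    foreach ($item in Get-PnPListItem -List $List -PageSize 500) {
        # HasUniqueRoleAssignments is not loaded by default; fetch it explicitly.
        Get-PnPProperty -ClientObject $item -Property HasUniqueRoleAssignments | Out-Null
        if ($item.HasUniqueRoleAssignments) { continue }   # inheritance already broken

        # Item still inherits the list permissions, so everyone with list access sees it.
        $email = [string]$item[$EmailField]

        if (-not $email) {
            # No responder stored: nothing safe to grant, flag for manual review.
            $status = 'Inherits-NoResponder'
        }
        elseif ($Fix) {
            # -ClearExisting clears the item's existing permissions before adding the role,
            # so the responder's role is the one granted on the item afterwards.
            Set-PnPListItemPermission -List $List -Identity $item.Id `
                -User $email -AddRole $Role -ClearExisting
            $status = 'Fixed'
        }
        else {
            $status = 'Inherits'
        }

        [pscustomobject]@{ Id = $item.Id; Responder = $email; Status = $status }
    }
}

# Report only: every row returned is an item still visible to the whole audience.
Repair-ItemOwnerAccess | Format-Table

# Apply the same lock-down the Actuator flow is meant to perform:
# Repair-ItemOwnerAccess -Fix
```

Run on a schedule, the report doubles as a check that the Actuator flow is keeping up: any row that persists across runs is an item the flow missed.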