Granting and Managing Item Level Permission using SharePoint2013 Designer Workflow

https://gnanasivamgunasekaran.wordpress.com/2015/12/29/granting-and-managing-item-level-permission-using-sharepoint2013-designer-workflow/

Granting permission to the user by SharePoint 2013 designer workflow is different from SharePoint 2010.we are using the Rest API to grant the permission as follows

Create the Workflow and assign permission

• Open the site in SharePoint 2013 designer and select the list for which workflows needs to be created and click new option,

• Specify the name of the workflow and click ok ,

• Add the action build the dictionary ,

• After adding the actions create the headers for REST api call as follows,

• Click the link this and create the following two variables

Name	Type	Value
Accept	String	application/json;odata=verbose
Content-Type	String	application/json;odata=verbose

• Create the following local variables by clicking the local variables link in top ribbon,

Name	Type
responseContent	Dictionary
responseHeaders	Dictionary
responseCode	String
requestHeaders	Dictionary

• Now set the requestHeaders variable to the outcome variable of dictionary builded.
• Then add the Call Http web service action,

• Right click the above action and configure the properties as follows,

• Add the following URL in above action and select the HTTP method as POST as follows,

“{SiteURL}/_api/web/lists/getbytitle(‘Sample’)/items(1)/breakroleinheritance(true)”

• The above http call will stop inheritance of permission for the item with id 1.
• After that add one more Call http web service action, configure the same properties as same as previous action.
• Now configure the following URL in Enter Http web service URL and specify the method as HTTP Post,

“{SiteURL}/_api/web/lists/getbytitle(‘Sample’)/items(1)/roleassignments/addroleassignment(principalid=12,roleDefId=1073741926)”

• In this Principal ID is the Id of the User to whom we need to grant permission and roledefinition Id is the permission level Id which can identified using the following URL

“{SiteURL}/_api/web/roledefinitions”

• That’s it , while running this workflow the REST api call will break the inheritance role for the particular item and grant the specified permission level (RolDefId) for the user .

Removing the Permission of Specified user

• For removing the permission of the user in particular item, we need to design workflow as same as above for granting permissions.
• Similarly same HTTP action to be called to break the role inheritance and call one HTTP action with the below URL,

{SiteURL}/_api/web/lists/getbytitle(‘Sample’)/items(1)/roleassignments/getbyprincipalid(12)

Get by principal ID is the ID of the User.

• Then select the HTTP method as delete

• Now running the above workflow it will fill stop inheriting the permission and the second web service call will remove the permission for the user with ID 12.