Setting Item level security at document creation time


  • Hi Community

    I am setting up an approval process for a number of documents stored under an Office 365 / SharePoint Online Team site. Now each document should only be edited by certain groups of people and will have a dedicated approver at the publish stage.

    My concern is I want to keep a central Work in Progress Library, then I am looking at some sort of ACL mechanism for each item prior to any approval workflow. With this in mind I have started to weigh my options:

    • Setting Item level security when the first draft is added to the library by my "super user", I could break security inheritance and lookup, then assign the appropriate SharePoint group at the item level. I will need a way of automating this e.g. with a custom action and the  security group should  be associated with a Content Typ
    • Use of folders (!) . I know these are controversial outside OneDrive and Office 365 groups but they are great for Access Control on certain content
    • Custom code option (client side only)
    • Some new admin mechanism I am not aware of. Set up a content type policy template for one of my  content types but this doesn't seem that useful in this case
    • Any other suggestions.


    Collaboration Solutions Architect

    Thursday, June 23, 2016 1:10 PM

All replies

  • Daniel-

    You can use custom workflow or Remote event receiver (ReR), to assign content type based permissions when a new document is added.

    Rajesh| @rjesh
    You don't need to buy me a beer, if helpful just smile, vote, and mark it as answer.

    Thursday, June 23, 2016 1:28 PM
  • Hi  Rajesh

    Thanks for your reply.  Actually, I have stumbled on this  in the Nintex documentation so this maybe my first point of call.

    Update Office 365 Item permissions


    Collaboration Solutions Architect

    Thursday, June 23, 2016 1:39 PM