Skip to main content

Notifications

Community site session details

Community site session details

Session Id : HQel61t9wBajktqlittSJA
Power Automate - Building Flows
Unanswered

SharePoint List Item Level Permissions based on column value

Like (0) ShareShare
ReportReport
Posted on 4 Aug 2023 15:30:30 by 104

I have built a form in PowerApps that writes submissions to a SharePoint list. Within this list, there is a calculated column titled "Status".

 

When the status is "In Progress" or "New", the user should be able to read and edit only their own items (Created by them)

When the status is "Submitted" or "Closed", the user should only be able to read their own iteams (Created by them) and no longer should be able to edit them

 

There is then an admin group (SharePoint group) who have access to read and edit all items in the SharePoint list regardless of Status and who created them.

 

Currently, the item level permissions on the list are set so that users can only read and edit their own items. Everyone has contribute access to the list and the admin group (SharePoint group) have design access to the list. 

 

All of the above is working in the PowerApps form, however I am struggling to get my head around how I would get this working for the SharePoint list, I assume it requires a Flow to be built?

  • getaholdofrick Profile Picture
    4 on 22 Dec 2023 at 15:34:00
    Re: SharePoint List Item Level Permissions based on column value

    For example (using the new Flow experience UI)...  
    I my case I have a number of person fields on each item that should allow the person to be able to edit the item. Since my case results in three sets of fields which might be blank, I need to include each field separately, wrapped within an "if" expression to build out a semicolon-delimited list. (See code snippet below the screenshot for a way I could have done this in a single expression).
    I want to avoid using a "set" action in my loop so that I can take advantage of multi-threading, like @creativeopinion demonstrates in her video.

    In your case, one of these expressions would contain your SharePoint group. Hope this additional detail helps you @SamB2 . 🙂
    Example using multiple expression statements.Example using multiple expression statements.

    Instead of multiple expressions, I could also build a single expression, something like this - which has the advantage of not potentially leaving a trailing ";" in my "Recipients" value (for the assignments):

    join(createArray(item()?['Author']?['Email'], 
    item()?['ProvidedBy']?['Email'], 
    item()?['LeaderResponsible']?['Email']), ';')

     

     

  • getaholdofrick Profile Picture
    4 on 21 Dec 2023 at 21:06:56
    Re: SharePoint List Item Level Permissions based on column value

    Hi @SamB2 ...

    In the "recipients" field you need to build your dynamic list, separated by a semicolon (very important). This then means that you'll need a programmatic way to add your special group to that list - unless that is a static SharePoint Group name. You may need to toggle the input on that field to allow this.

    Hope this helps you.

     

  • SamB2 Profile Picture
    104 on 07 Aug 2023 at 11:10:43
    Re: SharePoint List Item Level Permissions based on column value

    Hi @creativeopinion , thanks for the reply. This is the method I was attempting before posting, however I am getting stuck on this part:

     

    There is then an admin group (SharePoint group) who have access to read and edit all items in the SharePoint list regardless of Status and who created them.

     

    Using the "Grant access to an item or a folder" action, I am unable to find a way to input the SharePoint group into the Recipient field?

     

    If I leave this SharePoint group with Design access to the SharePoint list, these will get removed by the "Stop sharing an item or file action" and they cannot be added to the Site Owners group due to there being other content within the same site that they shouldn't have access to.

  • creativeopinion Profile Picture
    10,406 Super User 2025 Season 1 on 04 Aug 2023 at 15:49:13
    Re: SharePoint List Item Level Permissions based on column value

    @SamB2 
    I recently uploaded a tutorial on how to Grant Item Level Permissions on YouTube.

     

    You should be able to follow this tutorial with a few slight adjustments based on your requirements. Instead of the Get Items action, you'll need to use the When an item or file is modified trigger. If you need to bulk adjust permissions, you can keep the Get Items action (as per the tutorial) but adjust the Filter Query to return the items with a Status of Submitted or Closed.

     

    Add a Condition to check the Status.

     

    creativeopinion_0-1691163948697.png

    In the YES branch, add a Stop sharing an item or file followed by a Grant access to an item or folder action.

     

    The Stop sharing an item or file action will remove all permissions for everyone except for Site Owners. Not sure if this meets your requirements or not.

     

    The Grant access to an item or folder action will grant permissions to whoever you'd like to grant access to. In this case, the Roles will be Can view (read) and the Recipients would be the Created by Email (and whoever else needs to have read access). 

    creativeopinion_1-1691164019750.png

     

    Hope this helps!

     

    If I helped you solve your problem—please mark my post as a solution ✅.
    Consider giving me a 👍 if you liked my response!

    👉Watch my tutorials on YouTube
    👉Tips and Tricks on TikTok

     

     

     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Understanding Microsoft Agents - Introductory Session

Confused about how agents work across the Microsoft ecosystem? Register today!

Warren Belz – Community Spotlight

We are honored to recognize Warren Belz as our May 2025 Community…

Congratulations to the April Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 146,776 Most Valuable Professional

#2
RandyHayes Profile Picture

RandyHayes 76,287 Super User 2024 Season 1

#3
Pstork1 Profile Picture

Pstork1 66,093 Most Valuable Professional

Leaderboard
Loading started