Managing Tasks Permissions Programmatically within SharePoint using event reciever or using special permissions property

I was writing a workflow using SharePoint designer wherein at certain steps tasks were getting created and assigned to different user. But the problem with that was that any user having appropriate rights on the tasks list was able to edit the task.

Below are the two methods using which we can have only the assigned to user having the rights on that task.

It can be done using Event Receiver or within the SharePoint workflow using special permissions property.

public override void ItemAdded(SPItemEventProperties properties)

        {

                // Name of the List

            if (properties.ListTitle == “Tasks”)

            {     

                // Get the SPSite Object

                SPSite objSite = new SPSite(http://servername:portname”);       

                // Point to the top level web site within it

                SPWeb objWeb = objSite.OpenWeb();

                // get the task list item getting created

                SPListItem myListItem = properties.ListItem;       

 

                // get the id of the assigned to user

                // we want that only assigned to user should have full rights on that task

                string userAssignedTo=myListItem[“Assigned To”].ToString();

                int index = userAssignedTo.IndexOf(‘;’);

                int id = Int32.Parse(userAssignedTo.Substring(0, index));

                // get the SPUser from the id

                SPUser user = objWeb.SiteUsers.GetByID(id);                       

 

                // break the role inheritance

                myListItem.BreakRoleInheritance(false);

                // webroledefinitions – Full Right, Design, Contribute and Read

                SPRoleDefinitionCollection webroledefinitions = objWeb.RoleDefinitions;

                SPRoleAssignment roleassignment = new SPRoleAssignment(user);              

                roleassignment.RoleDefinitionBindings.Add(webroledefinitions[“Full Control”]);

                myListItem.RoleAssignments.Add(roleassignment);

                // give full control right to the assigned to user

                roleassignment.Update();                           

             

 

               }

            }

Or within workflow as

 

    // handler for create task activity

        private void createTask1_MethodInvoking(object sender, EventArgs e)

        {

            //Specify properties for the task

            createTask1.TaskProperties.AssignedTo = @”domainusername”;

            createTask1.TaskProperties.Title = @”Please complete the task”;

            createTask1.TaskProperties.Description = “This is sample SharePoint Task”;

            createTask1.TaskProperties.DueDate = DateTime.Now.AddDays(7);

            createTask1.TaskProperties.EmailBody = “This is the sample<b><i> email body </b></i>”;

            createTask1.TaskProperties.SendEmailNotification = true;

 

            // Define a HybridDictionary object

            HybridDictionary permsCollection = new HybridDictionary();

            // Give Administrator rights to the user to whom the task has been assigned

            permsCollection.Add(createTask1.TaskProperties.AssignedTo, SPRoleType.Administrator);

            // SpecialPermissions -the SpecialPermissions property  in your code will strip out all existing permissions inherited from

            // the parent list(Workflow Task List) and only adds permissions for each pair you added to the hashtable

            createTask1.SpecialPermissions = permsCollection;   

 

        }

 

 

That’s it ….


Author: Nishant Rana

I love working in and sharing everything about Microsoft.NET technology !

13 thoughts on “Managing Tasks Permissions Programmatically within SharePoint using event reciever or using special permissions property”

  1. The code below is not working. Permission not set to the specified user. Any idea ?

    // handler for create task activity
    private void createTask1_MethodInvoking(object sender, EventArgs e)
    {
    //Specify properties for the task
    createTask1.TaskProperties.AssignedTo = @”domainusername”;
    createTask1.TaskProperties.Title = @”Please complete the task”;
    createTask1.TaskProperties.Description = “This is sample SharePoint Task”;
    createTask1.TaskProperties.DueDate = DateTime.Now.AddDays(7);
    createTask1.TaskProperties.EmailBody = “This is the sample email body ”;
    createTask1.TaskProperties.SendEmailNotification = true;

    // Define a HybridDictionary object
    HybridDictionary permsCollection = new HybridDictionary();
    // Give Administrator rights to the user to whom the task has been assigned
    permsCollection.Add(createTask1.TaskProperties.AssignedTo, SPRoleType.Administrator);
    // SpecialPermissions -the SpecialPermissions property in your code will strip out all existing permissions inherited from
    // the parent list(Workflow Task List) and only adds permissions for each pair you added to the hashtable
    createTask1.SpecialPermissions = permsCollection;

    }

    Like

  2. to set edit permission only to task “AssignedTo” user can be achived by associating of a simple workflow to Task /Workflow task list.

    SPD has an activity called “Grant” and “Remove” Permission. This can be used to set permission only to “Assigned To” user or Group

    Like

  3. thank you for your post
    but after i add the event receiver users can not add task item it give me error

    The form cannot be submitted.
    The form cannot be submitted to the specified SharePoint list or document library. The SharePoint location may be read-only or you may not have permissions to access it.

    Like

  4. Nishant,

    Please let me know how to show only tasks assigned for current user only, I want to hide all others tasks.

    Also where to add this code? Please provide step by step details. My workflow is designed in SPD.

    Like

  5. Iam facing the same problem any user can access others task, where to put the code provided ,do it like web part??

    can u give me more details

    Like

Share your thoughts

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s