Conditionally Break Inheritance Of SharePoint List Item Using Nintex Workflow 2016

SharePoint 2016 general availability was announced at the Future of SharePoint conference in May 2016. The series that discusses the installation of SharePoint 2016 in Azure can be found at C# Corner from the below links.

Nintex is a premium technology partner for SharePoint. Following the announcement of SharePoint 2016, Nintex announced the general availability of Nintex Workflow 2016 on July 11, 2016.

In this article, we will see how to set item-level permissions in a SharePoint list using a Nintex workflow, based on a list item column value. As a prerequisite, let’s create a list ‘Classified List’.

Add the below columns. Ensure ‘Confidential ?’ column is created in the list. When an item is modified, based on this column value (If Yes) the permission inheritance will be broken and unique permissions will be assigned. In order to assign Unique Permissions, we will be making use of ‘Approver 1’ and ‘Approver 2’ user fields in the list.

Let’s go ahead to the primary list where we will be running our Nintex Workflow. In our case, it is the ‘User Profile’ List. Select ‘Create a Workflow in Nintex Workflow’.

This will open the Nintex Workflow designer. Add the ‘Run If’ action to the designer.

Once the action is added, it will show the condition missing warning. Click on the "Configure" button in the action.

We will be triggering the workflow if the ‘Confidential ?’ value is equal to ‘Yes’. Specify the condition in the configuration form.

Drag and drop the ‘Set item permissions’ action into the ‘Run If’ block, so that the ‘Set item permissions’ action runs only when the ‘Run If’ condition is met.

Click on Configure action to set the item permission properties.

By default, the list item is set to inherit permissions from parent.

Set ‘Inherit Permissions from parent’ to ‘No’. Now we have to assign unique permissions to the list item. We do that by adding user permissions for the users stored in the list columns ‘Approver 1’ and ‘Approver 2’. Click the browse button next to the Users field and select the list item field ‘Approver 1’ from the Item Properties tab. Set Full Control permissions.

Similarly, click the browse button next to Users field and select the list item field ‘Approver 2’ from Item Properties tab. Set Full Control Permissions.

Eventually, the configuration form will look like the below image.

The workflow designer now looks like the following.

Now, set the workflow triggering condition. Click on Workflow settings.

Here, we are setting it to ‘Start when items are created’ so that the workflow triggers on item creation.

Publish the workflow.

Specify the workflow name and description, and click Submit.

The workflow is being published.

Finally, the publishing is completed.

Let’s go ahead and create a new item with ‘Confidential ?’ column value set to ‘Yes’.

This will trigger the workflow and the status can be verified from the workflow column ‘Break Inheritance’.

The workflow has run to completion.

Let's go to the permissions page and see the list item permission setting.

Thus, the list item has been assigned a unique permission.
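The same check can be run across the whole list instead of one item at a time on the permissions page. The following PowerShell is an added example, not part of the original article or of Nintex; it uses the SharePoint server object model from the SharePoint 2016 Management Shell, and it assumes a placeholder site URL, the list name ‘Classified List’, and that ‘Approver 1’ and ‘Approver 2’ are single-user Person fields.

```powershell
# Added example: audits the item-level permissions set by the workflow.
# Assumptions: $WebUrl is a placeholder; approver columns hold a single user each.
param(
    [string]$WebUrl   = 'http://sharepoint.example/sites/demo',   # placeholder URL
    [string]$ListName = 'Classified List'
)
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Get-ApproverId($Web, $Item, [string]$Field) {
    # A Person field is stored as "<id>;#<name>"; return $null when it is empty.
    $raw = [string]$Item[$Field]
    if ([string]::IsNullOrEmpty($raw)) { return $null }
    (New-Object Microsoft.SharePoint.SPFieldUserValue($Web, $raw)).LookupId
}

$web = Get-SPWeb -Identity $WebUrl
try {
    $list = $web.Lists.TryGetList($ListName)
    if ($null -eq $list) { throw "List '$ListName' not found in $WebUrl" }

    foreach ($item in $list.Items) {
        # A Yes/No column returns a Boolean; a 'Yes' choice value is accepted too.
        if (@('True', 'Yes') -notcontains [string]$item['Confidential ?']) { continue }

        if (-not $item.HasUniqueRoleAssignments) {
            [pscustomobject]@{ ItemId = $item.ID; Finding = 'Still inherits from parent'
                               Principal = ''; Roles = '' }
            continue
        }

        # Principal IDs that the workflow is expected to have granted access to.
        $expected = @('Approver 1', 'Approver 2' |
            ForEach-Object { Get-ApproverId $web $item $_ } |
            Where-Object { $null -ne $_ })

        foreach ($ra in $item.RoleAssignments) {
            $roles   = ($ra.RoleDefinitionBindings | ForEach-Object { $_.Name }) -join ', '
            $finding = if ($expected -contains $ra.Member.ID) { 'Expected approver' }
                       else { 'Unexpected principal' }
            [pscustomobject]@{ ItemId = $item.ID; Finding = $finding
                               Principal = $ra.Member.LoginName; Roles = $roles }
        }
    }
}
finally {
    $web.Dispose()   # SPWeb objects obtained with Get-SPWeb must be disposed
}
```

Because the workflow above starts only when items are created, an item whose ‘Confidential ?’ value is changed to ‘Yes’ afterwards is reported as ‘Still inherits from parent’. Rows marked ‘Unexpected principal’ are role assignments on a confidential item that belong to neither approver.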


We saw how to assign unique permissions to a SharePoint 2016 list item, based on its column value, using Nintex Workflow 2016.