SharePoint 2010 Workflows, Impersonation Steps,and Security
https://sharepoint.stackexchange.com//questions/35069
-
08-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm starting to do some workflow design with SharePoint 2010, and I like the idea of the Impersonation Step. I plan to use it to modify the security settings of submitted items (such as not allowing a submitted InfoPath form to be edited once the request has been processed).
I understand the Impersonation Steps run "using the permissions of the author". Now, does that mean that WF actually impersonates the Author's identity when the step is called? If so, what happens if the author leaves the organization and their account is disabled? Does the workflow fail? If that's the case, how can I create a robust workflow which can survive even if the workflow author leaves?
Solution
The workflow impersonates the "Author" from a SharePoint point of view for that step. So if she somehow looses her rights if'll fail.
The reason I'm putting "Author" in quotes is that in my option it's a wrong term, because in fact it's the last publisher's identity which is used.
So if the workflow fails due to the "Author" loosing the rights any user with sufficient rights can go in and publish the workflow and it'll start working again.
In fact you can do this as a general rule and have some "service account" which is used to publish all workflows so they'll run with the permissions of that account which should then not be a real person.
