SharePoint 2013 Workflows task permission workaround

Hi there, I'm Troy McClure, maybe you remind me for the wonderful tutorial Visual studio SharePoint 2013 workflow walktrough
/mode joke off
Everyone noticed users can view/edit tasks but this is not a customer wish 99/100 times.
Someone asked me how to change task permissions so only assigned user can watch/edit/whatever task item. Unfortunally you cannot do this using Visual Studio in the OOB way and you need to create a custom Visual Studio activity, definitely not a developer-friendly task. I sense you are smiling because you think i'm gonna deliver you a custom activity you can just plug'n'play right now.
Sorry but today i'm just gonna show you a porkaround (no it's not a misprint).
I'm talking about event receivers.
Someone is saying: i already tried to do a event receiver, but it's not possible to make it run on a workflow task list. The key it's simply to change the event receiver list template n. 171.

Now use this simple piece of code you can find in example 03.

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

public override void ItemAdded(SPItemEventProperties properties) {     base.ItemAdded(properties);       // Safety... never enough     this.EventFiringEnabled = false;       SPListItem currentItem = properties.ListItem;     SPFieldUserValueCollection usersField = (SPFieldUserValueCollection)currentItem[SPBuiltInFieldId.AssignedTo];       // Just one assigned user per task     SPFieldUserValue userField = usersField[0];     SPUser assignedTo = userField.User;       List<spuser> editors = new List<spuser>();     editors.Add(assignedTo);       ItemHelper.SetPermissions(currentItem, null, editors);       // Rollbacking safety setting     this.EventFiringEnabled = true; }

I also created a little helper method which helps you to restrict permissions without any useless roundtrip.

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39

public static void SetPermissions(SPListItem item, List<spuser> readers, List<spuser> editors) {     SPSecurity.RunWithElevatedPrivileges(() => {         using (SPSite site = new SPSite(item.Web.Site.ID))         {             using (SPWeb web = site.OpenWeb(item.Web.ID))             {                 item = web.GetListItem(item.Url);                   item.BreakRoleInheritance(false, true);                   if (readers != null)                 {                     foreach (SPUser u in readers)                     {                         item.RoleAssignments.Add(CreateRoleAssignment(item, u, SPRoleType.Reader));                     }                 }                   if (editors != null)                 {                     foreach (SPUser u in editors)                     {                         item.RoleAssignments.Add(CreateRoleAssignment(item, u, SPRoleType.Editor));                     }                 }             }         }     }); }   private static SPRoleAssignment CreateRoleAssignment(SPListItem item, SPUser user, SPRoleType roleType) {     SPRoleAssignment roleAssignment = new SPRoleAssignment(user);     SPWeb web = item.Web;     roleAssignment.RoleDefinitionBindings.Add(web.RoleDefinitions.GetByType(roleType));     return roleAssignment; } </spuser></spuser>

As you can see, now young Skywalker must use the force to discover other users tasks.

Anyway, you can download the source here, and yes this is the first post of the brand new post category tips'n'tricks.Enjoy.