Skip Ribbon Commands
Skip to main content

Laura Rogers @WonderLaura


Quick Launch

Laura Rogers @WonderLaura > Posts > Submit Form to a Secure Location
Hi everyone,
My blog now has a new URL!
You can now find me at
January 26
Submit Form to a Secure Location

Forms and security. It is a common requirement to have a form that can be filled out, and when it is submitted, it goes to a location that the form submitter does not have access to. This is tricky because the users need to have contribute access to a list or library in order to create new items in it, but then if they can do that, they can access everything else in the library. There are many variations of this requirement, but in this post, I'll show how it can be done in a pretty simple way.

General overview: This concept can be done with either a list item or a library. (I'll just use the term "list" in this overview, just to get the general point across). Create a content type. Create two lists. Add the content type to both lists. List A "New Items" items can be created by anyone on the site, and List B "Locked List" is locked down so that only managers have permissions to access it. When new items are created in "New Items", a SharePoint Designer workflow runs an impersonation step that copies that item over to the "Locked List", and then deletes it from the original list.

This solution can be done out of the box with SharePoint 2010 (any version), and SharePoint Online with Office 365.

Since InfoPath is the most common thing that I use to create forms, and I get asked about this a lot, I'm going to use an InfoPath form in my example here.

  1. If you don't already have a document library on your site called "Form Templates", go ahead and create it.
  2. When you publish your form to SharePoint, instead of publishing it directly to a form library, publish it as a content type. Note that if your form has been published as an administrative template, that's fine too, but just less common. Click Next.

  3. Choose Create a new Content Type, and click Next.

  4. Name your content type, with whatever the name of the form is. Mine is a Check Request. Click Next.
  5. On the screen where you specify a location for the form template, click Browse. Select the Form Templates library on your site, and give your form a name. I called mine CheckRequest.xsn. Click Next.

  6. Pick your fields that you want to be columns, and click Next. Click Publish. Click Close.
  7. Create two new form libraries. "New Check Requests" and "Locked Check Requests".
  8. Go to the Library Settings screen of New Check Requests, and click Advanced Settings.
  9. Change Allow Management of Content Types to YES. Click OK.
  10. On the Form Library Settings screen, click Add from existing site content types.
  11. Click Check Request (or the name of your own content type from step 4) and click the Add button to move it to the right side. Click OK.
  12. Click the "Form" content type, and click Delete this content type.
  13. Go to the Library settings screen of Locked Check Requests. Repeat steps 8 through 12.
  14. In your InfoPath form, make sure that the Submit data connection is set up to submit the forms to the New Check Requests library.
  15. Open your site n SharePoint Designer, and create a new workflow based on the New Check Requests library.
  16. Name the workflow New Check Request, and click OK.
  17. Put your cursor underneath the Step 1 box, and click the Impersonation Step button in the ribbon, so your screen will look like this:

  18. Delete Step 1. Put your cursor inside of the Impersonation step and add the action called Copy List Item. Then add the action Delete Item below it.
  19. Set up the copy so that it copies from the current list over to the Locked Check Requests. Then make it delete the current item. Like this:

  20. Click Workflow Settings in the ribbon. Under start options, only put a check box next to Start workflow automatically when an item is created.
  21. Publish the workflow.


Okay, it's done now. The key here is that the permissions will be set up as so:

  • People who need to be able to fill out the form: Give them Contribute permissions on the New Check Requests Library. Do not give them permissions on the Locked Check Requests library at all.
  • People who need to be able to access the whole list of forms that have been submitted: If they need to be able to *modify the forms that have been submitted, give them Contribute access to the Locked Check Requests library. If you only want them to be able to see the submitted items and not change them, just give them read access.
  • The key here is that when the workflow copies items over from one list to another, it uses the login of the person who published the workflow. The best practice for workflows with impersonation steps is to publish the workflow as the SharePoint admin account, and not someone's personal account. You know, just in case. You wouldn't want someone to leave the company and then none of the workflows function anymore, right?

Again, to reiterate…. This is just the most simple way to accomplish this goal. Of course, with impersonation steps in a workflow, you could change permission on each individual item in the list or library via workflow. It just gets kinda messy and hard to manage when you start delving into individual item permissions. The method in this blog post is simple because you the permissions are set at the library level.

Keep in mind that with some list types in SharePoint, such as a custom list, there is a setting in advanced settings that you can use. Unfortunately, this setting just doesn't exist in libraries.

Note: If people will be modifying the submitted forms after they have been moved to the Locked Check Requests Library, there is one more important consideration… the submit data connection. You'll have to create another submit data connection that submits to Locked Check Requests, because you probably don't want to have a bunch of duplicate files. There just needs to be a condition that looks to see if this is a form that has already been initially submitted. So, for example, you can create a field called "FormStatus". When the submit button is clicked, add an action to set a field's value, where you set the FormStatus to submitted. That way, you can create a condition so that if a form has already been submitted initially, then it gets submitted to the Locked Check Requests.




Once again, you have provided some great insight into OOTB functionality of SP, SP Designer, an IP. Thank you!

I am wondering, however, if there is a way that I can integrate save as draft functionality with this workflow to save to a secure location.

In another blog, you described a way for users to submit a form as a draft by using the FormStatus field. This was a great way to allow users to save their forms.

I want users to see only their drafts on SP. I can use the relevant documents web part to accomplish this task; however, any other document the user submitted to the site will appear in this web part.

If I use the above workflow to copy "submitted" drafts to a "restricted" library, will the user be able to see/edit/view the file in the "restricted" library through the relevant documents web part?
 on 2/1/2012 12:17 PM



Thanks for the great article.  Is there a way for the submitted to locked library to run after the form passes through a couple of other steps (ie. Draft, Review, Approved, Final), only move to the locked library after it reacheds the Approved step.
 on 2/6/2012 4:04 PM


In this solution, the users would not be have contribute rights to the library, because that's the common requirement that I was going by.  If you want them to be able to edit them after submitting, you may want to use an impersonation step to just change the permissions on each item when it's created, so you can just give the "created by" person access to edit it, and everyone else just "read", or whatever you want to do.

Yes, just create a field called "status", and create a condition in the workflow so that it only moves the file IF status is equal to FINAL (or however you want to do it).
Laura RogersNo presence information on 2/7/2012 10:03 PM

Pete Murphy

Is there a way to do this without SharePoint Designer?
 on 2/16/2012 4:55 PM


Hi Pete,
Not using this method, no, unless you have a 3rd party workflow tool that can also do impersonation or assign permissions.  You can do something similar and avoid SPD altogether, but you wouldn't have true file security.  You could set up a view in the form that basically says ""you don't have access to this form"".  Use a separate sharepoint list to put people in who DO have access to it, and pull that list in via data connection, and check that the logged in user is in that list.  If they're not, then you send them to that view.
lauraNo presence information on 2/16/2012 4:59 PM


Hi Laura,
can you please provide a post on document sets and how an infopath form can be submitted to a document set. Also can a new document set form be edited using infopath to incorporate some business rules? I'm developing case management solution where each case will have lots of documents attached. Document Set feature within Sharepoint 2010 seems to be a good fit, but there are also comlex forms that end user would have to use for each case, so infopath would be great for the form part. I'm having trouble with Infopath and Document Set working together exchanging information and submission part.
 on 3/6/2012 2:43 PM


I do not know how that would be accomplished.  Maybe a 3rd party workflow tool?
lauraNo presence information on 3/14/2012 10:36 PM


Hi, can you have the same reslts in SP 2007. We have a HR department wanting lots of infopath forms  but currently I am refusing because each submitter has contribute access to the destination library......
 on 3/28/2012 11:21 AM


in SP 2007 .....I have got to the point where I get the workfolw to work if i submit a form as  system account.

If I am logged on as an random user the form submits but the workflow fails to copy teh item accross to the locked form library.

So as you say its best have the workflow run with system account authentication.  How do I do that in SP 2007? there seems to no option for impersonation...or am i wrong?
 on 3/29/2012 8:27 AM


Hi Laura,
This has been very helpful. I wonder if you have come across the following issue.
My Infopath form submit button saves the form to the submitted library  as concat("Expense Report - ", DisplayName, " ", now()) and then, so that my users won't be prompted to save the form again, (it prompts to save as as formXX.xsn when I close the form)  I have also added the "Close the Form" action to the submit button.
This creates the form in the library and then closes the form, but this workflow doesn't run as expected any more. I still receive the approval workflow email but the approval metadata column does not show "In progress". It is blank.  I can go into the running workflow and approve it, but again the workflow metadata column is not updated and the form is not copied to the completed library.
If I remove the close form action from the submit button, everything starts working again. I thought that once the item was created in the submitted library that closing the form would have no effect, but I am wrong.
Am I doing something wrong?
 on 3/30/2012 11:32 AM


@Pete Murphy
It's possible to do this by developing an event receiver.
That's an option I choosed.

For all automated actions, you always have the choice doing it by a workflow that is started on each change on the element or an event receiver, doing exactly the same.

 on 4/12/2012 7:38 AM
​I have disabled any new comments on this, because my blog has moved to a new site.  Please go here:
RSS FeedFacebookYouTube

 Our Books for End Users