We've got a workflow that finds the manager of an AD user (from InfoPath field), then Replaces the Current Item's permissions with Read for the manager only and strips everything else.
The problem is that during the moments a form has made its way to the database but BEFORE the permissions are set by the workflow, a user NOT in the chain can access the record. Has anyone run into this before?
It seemed like such an unlikely thing to happen yet it has happened twice already in the last few weeks and is a real problem for us. We haven't tested to see how long the "moment" is for yet but that might be a good next step.