cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
AndiRodi
Level: Powered On

Managemanagement of the visibility of the apps created in powerApps through the sharePoint groups

Hi all,

 

I've a big question. My issue is about how can i manage the app's visibility in sharePoint based on the group or ruli of which the logged in user belongs.

 

Case: I am a user who has accessed the sharepoint platform of my organization. I am a developer and can only access some specific applications. Someone else can be part of another group and must access other applications.
If I insert a new user in my organization, it is a way to tell the system (for example when I make an app via powerapp) that that app can only be visible to users registered to a specific group or role - defined by a field of db and / or from the sharepoint group?
Can you make sure that PowerApp can access a DB and analyze a specific field and, based on the value of the field, communicate to sharepoint which applications can use the user inserted in the database in which he / she logs in?

 

Maybe my question is a bit messy.

I hope I have given you an idea of my problem.

 

Thx,

Andi

7 REPLIES 7

Re: Managemanagement of the visibility of the apps created in powerApps through the sharePoint group

Hey AndiRodi,

 

There are few things you need to considere:

1. if an app is a customized SP form then it's connected with SP list permissions

2. if an app is embedded via modern webpart on SP page than:

  • manage permissions to page in SP
  • the app should be shared to security group that contains the same users set as abovely mentioned SP page

PowerApp does not support O365 group sharing.

 

You can also use conditional formating and popups inside your app to define it's behaviour based on current user O365 group. Shane Young has great video on that.

AndiRodi
Level: Powered On

Re: Managemanagement of the visibility of the apps created in powerApps through the sharePoint group

Thank you Mike,

 

So let me understand, I can not make sure that my application, when it is created, is accessible / visible to a specific group of users rather than others. I mean, there is no visibility mechanism that allows me to make the application available to a specific group of users of my organization (example: to groups of o365). An app realized for HR group must be seen just from HR users of the organization (a further feature could be about ther role into the group). I can't do it.

 

Thx

Andi

Highlighted

Re: Managemanagement of the visibility of the apps created in powerApps through the sharePoint group

You do have control if app is accessible/visible for security groups (set in AAD). For O365 groups you cannot set it's accessibility but you can define behaviour of an app inside of it (which is not you want I believe)

AndiRodi
Level: Powered On

Re: Managemanagement of the visibility of the apps created in powerApps through the sharePoint group

so I can manage availability directly from AAD, i need just to make ite accessible. So I do not need to assign (share) the application for each individual user but I can do a bulk assignment based on the groups in AAD. Right?

 

Thanks a lot. you gave me an excellent answer. I am new in PowerApp and i just sturted to know this world and i do not know pretty good all what ia can do.

 

Thx

Andi

Re: Managemanagement of the visibility of the apps created in powerApps through the sharePoint group

Exactly - use security groups. Remember that you can also manage them directly from O365 admin panel!

AndiRodi
Level: Powered On

Re: Managemanagement of the visibility of the apps created in powerApps through the sharePoint group

Hi Mike,

 

Last thing please.

 

if I'd want to create an app that allows me to show users only a certain amount of data according to the precise access permissions, how can I do?
I mean. In the case where: Jhon is a user who belongs to the "Sales" group. He has a role as a simple seller into the group and so he can only look up the reports related to his contractors. Mark is the manager of the "Sales" group. He can look up all sales reports, so all contracts of all sellers.
Is there any way to say (in powerApps) to the application to show only "his" data to Jhon and "all" data to Mark? is it possible in PowerApp ? 

 

Thx 

 

Andi

Re: Managemanagement of the visibility of the apps created in powerApps through the sharePoint group

PowerApps has security trimming e.g. you can't get data from SP if you don't have access.

However if users has access to each row and you want to specify access based on some field value (e.g.MinimalRoleName) it's definately possible and that is something I do quite often. 

Check this video and you'll get the concept: https://www.youtube.com/watch?v=IvapIsBbM-U

 

In terms of specific implementation - you have 3 alternatives:

  1. prepare whole screen specific for each role and manage screen navigation based on the role
  2. prepare parametrized query to data source (e.g. Filter("MySource", MinimalRoleName=RoleNameVar))
  3. prepare just the data set (gallery) specific for each role and manage gallery visibility based on the role

Each of above depends on the amount of dependency between role and app logic.