misc

Allow users to see gallery items which are shared with them

My SharePoint list/app contains sensitive information, so I want to limit which records users can see to only those they have created or that have been directly shared with them.

 

My original solution had the SharePoint list advanced permissions set to 'read all/create&edit all', but the gallery was filtered by User so in the app itself they could only see their own submissions. However, if they got around the app and found the SharePoint list, they would be able to see every record.

 

I could set the list permissions to 'only read/edit items created by user', in which case I can take off the gallery filter by user but it means that users can only view items which they created and not those which have been shared with them.

 

As part of the app, users can choose to share a record with selected users; this then uses a flow to assign those people permissions to edit that specific record in the list. This only works if I use my original solution above. *However*, as stated above, this also means these users can read every list item (if they have a direct link to it) *and* it doesn't show in the Power Apps gallery. If I can allow the users to see the correct items in the gallery, then I can sufficiently hide the list so users won't be able to view every record.

 

TL;DR: Is there a way to ONLY show items in a Power Apps Gallery which users have created or which have been specifically shared with that user?

 

BakerAlex

Hi,

 

To set the permissions at an item level, if you have a field with the people with whom you want to share, you can use Power Automate to set item-level security:

https://powerusers.microsoft.com/t5/Power-Automate-Community-Blog/Microsoft-Flow-to-Provide-Item-Lev...

Note: this is independent of Power Apps.

 

If you want to share it with a specific SharePoint group, this can be done through Power Automate using the SharePoint API calls.

 

Hope this helps,

Alex

 

Hey,

 

Yes, so I have people being provided the permissions to view the item in the list no problem at all. That's being done by an Automate flow.

 

The items they can view in the list however do not show in the app - only those they created do.

 

I essentially need a filter on the gallery which only shows items created by or shared with the current user. I've managed to get one which works with 'created by' but not able to work out the 'shared with' part.

Hi,

 

Assuming your flow is working as intended, this could be the list settings. Could you confirm the item-level security in the advanced list settings is as follows?

[Screenshot: BakerAlex_0-1600349088864.png]

 

Are the users able to see the items which are shared with them through the SharePoint site?

 

Thanks,

Alex

My list permissions are as you say - Read all Items and Create/Edit all items. Therefore, all users are able to read the entire list.

 

If my Gallery Items is just the list name (LAB01) then they see all records, even those they did not create or that have not been shared directly with them.

 

If my Gallery Items is 'Filter(LAB01, 'Creator Email' = varUser.Email)' it only shows records which the user created, and not those which have been shared directly. 

 

Every user has to have basic edit access to the list in order to be able to use the app.

 

I have a column which lists the 'shared with' user emails in plaintext, e.g. 'test@email.co.uk; test2@email.co.uk' - could I somehow wrap this column into the Filter function above? So if varUser.Email matches 'creator email' OR any of those in the SharedWith column then show the item? I did not think this would work as I assumed it would only read the column as one block rather than recognising them as distinct email addresses, but perhaps that is not the case?

 

 

Hi,

 

Assuming varUser is the current user, then:

Filter(LAB01, 'Creator Email' = varUser.Email || varUser.Email in Split('share with', "; "))

 

Is there a reason you are not using a people lookup over a plain text field?

 

Note: Owners of SharePoint sites will be able to see all items regardless of item-level security, so when testing permissions, make sure you are using a member-level user.

 

Hope this helps,

Alex
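
An added illustration, not part of the original reply: a Python model (not Power Fx) of why the filter splits the 'share with' text before matching, run over constructed rows. The row data, the function names and the trimming/lower-casing variant are assumptions made for this example.

```python
# Constructed sample rows standing in for the LAB01 list (not real data).
ROWS = [
    {"id": 1, "creator": "alice@example.co.uk",
     "shared": "bob@example.co.uk; carol@example.co.uk"},
    {"id": 2, "creator": "dave@example.co.uk", "shared": "jimbob@example.co.uk"},
    {"id": 3, "creator": "erin@example.co.uk",
     "shared": "bob@example.co.uk;carol@example.co.uk"},  # no space after ';'
    {"id": 4, "creator": "bob@example.co.uk", "shared": ""},
]


def split_strict(cell, sep="; "):
    """Split exactly on the separator, as the thread's Split(..., "; ") does."""
    return cell.split(sep) if cell else []


def split_normalised(cell):
    """Assumption added here: split on ';' alone, trim and lower-case each entry."""
    return [p.strip().lower() for p in cell.split(";") if p.strip()]


def whole_cell(cell, user):
    # Reads the column as one block of text: a substring test.
    return user in cell.lower()


def strict_tokens(cell, user):
    # Exact match against each entry produced by the "; " split.
    return user in [t.lower() for t in split_strict(cell)]


def normalised_tokens(cell, user):
    # Exact match against trimmed, lower-cased entries.
    return user in split_normalised(cell)


def visible_ids(user, match):
    """Ids of rows the user created or that `match` says are shared with them."""
    user = user.lower()
    return [r["id"] for r in ROWS
            if r["creator"].lower() == user or match(r["shared"], user)]


if __name__ == "__main__":
    for name, fn in [("whole cell", whole_cell), ("strict split", strict_tokens),
                     ("normalised split", normalised_tokens)]:
        print(name, visible_ids("bob@example.co.uk", fn))
```

Row 2 shows the over-match when the column is read as one block, and row 3 shows an entry stored without the space after the semicolon being missed by the exact "; " split.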


Thank you, that's worked!! 

I get the delegation warning but I'm assuming that's just part of the beast and shouldn't be an issue as my data set will never be above 2000 records. 

 


"Is there a reason you are not using a people lookup over a plain text field?"

 

The simple answer is just that I couldn't work out how people lookups worked. I made a (probably very convoluted) fix where users choose who to share it with on a page similar to the 'People' template; a hidden conCat takes all the emails from that collection, and then a Patch function adds that to the last submitted record's SharedWith column - a Flow then shares that item with those users. If you can point me in the right direction of a better way to solve this then please do.

 

Also I have a guinea pig who has been testing it for me from a non-owner perspective - it's a shame there's not a way to 'play as' a certain permission level to help with this sort of testing.  
