cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
theBIbutler
New Member

Common Data Service Database Security

‎04-12-2017 07:46 AM

Hi,

 

I have created a database within my organisations default Environment.

 

I have selected Restrict Access and then have not added any Permission Sets to the Organization User.

 

All users still seem to be able to access the database and entities when in PowerApps.

 

I thought that by default no access rights were assigned?

 

Anyone help?

 

Cheers

 

Mark

Labels:
Message 1 of 4
1,979 Views
0 Kudos
3 REPLIES 3
mr-dang
Community Champion
Community Champion

‎04-12-2017 09:14 AM

Therein lies the dilemma: your users need create/update/read/delete permissions to your entities so that they can interact with the data, but in turn, users can download the entity and see all the data in Excel. If you revoke read access, they can't pull up any data.

 

It's a huge security flaw if you want to use CDS for sensitive or semi-sensitive data that you don't want all your users to download. I quit making my gradebook app because of this concern.

 

In December, I proposed an Idea expanding permissions to include limiting access to Excel or adding more specific read access. Please upvote the idea--it should the a top priority:

https://powerusers.microsoft.com/t5/PowerApps-Ideas/Expand-CDM-Permissions/idi-p/16475

 

Microsoft Employee
@8bitclassroom
Message 2 of 4
1,968 Views
Anonymous
Not applicable
In response to mr-dang

‎04-13-2017 01:15 AM

Hi mr-dang,

 

I'm aware that for them to have access to specific entities through an app they will inherit access to the whole entity; agree that's not great.

 

However my issue is that I haven't given any users access to anything yet but they can still see all of the entities in Power Apps. How do I set it up so no one can see anything until I assign permission sets to user roles and add users to them?

 

Cheers

 

Mark

Message 3 of 4
1,950 Views
0 Kudos
CWesener
Power Apps
Power Apps
In response to Anonymous

‎12-01-2017 12:19 PM

Hi Mark - can you quickly check if you have granted any of the other roles like DB owner to users? If not, I'd like our team to have a look at your environment. If you could please go to https://powerapps.microsoft.com/support/ and create a new support ticket - we will have one of our team investigate.

 

Thanks,

 

Thanks,
Clay.
Message 4 of 4
1,532 Views
0 Kudos

Helpful resources

Announcements
Power Apps Africa Challenge 2022

Power Apps Africa Challenge

Your chance to join an engaging competition of Power Platform enthusiasts.

Super User 2 - 2022 Congratulations

Welcome Super Users

The Super User program for 2022 - Season 2 has kicked off!

September Events 2022

Check out all of these events

Attend in person or online, there are incredible conferences and events happening all throughout the month of September.

Government Carousel

New forum: GCC, GCCH, DoD - Federal App Makers (FAM)

In response to the unique and evolving requirements of the United States public sector, Microsoft has created Power Apps US Government.

View All
Users online (1,931)