cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

Controlling access to Sharepoint record through Power Apps

Hello 

 

I have a powerApps that updates records in an SPO List. We are controlling access through SPO Site which means that a user must have contribute access to SPO list to begin with ? We have a requirement , where we want users tp enter a request through PowerApp which eventually enters a record in an SPO list however we dont want them to have edit rights once a record is entered into SPO List. Couple of users should have these rights to make backend changes to SPO list , if required. Is this something thats possible. Could you please advise on alternative ways to control similar access 

 

Thanks 

1 ACCEPTED SOLUTION

Accepted Solutions

Take a look at the following walkthrough.

https://www.c-sharpcorner.com/article/power-automate-break-inheritance-and-set-list-item-level-permi...



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

Join me at 365 and Pwr EduCon in Chicago
EduCon Chicago 2022

View solution in original post

9 REPLIES 9
Pstork1
Dual Super User
Dual Super User

You can invoke an HTTP REST request using a Power Automate flow to set the item level permissions of items in SharePoint.  That's the easiest way to do this.  As you've seen user's will need to have at least contribute rights to the list itself to create records, but the permissions on the records can be changed after they are created.



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

Join me at 365 and Pwr EduCon in Chicago
EduCon Chicago 2022

Anonymous
Not applicable

Thanks @Pstork1 . Thats what I am looking for. I will give it a try and let you know of results. Thanks Again 

Anonymous
Not applicable

@Pstork1 , I tried working on HTTP Rest Api as you spoke about but dont see that as an option When i used HTTP Connector. Couldnt find much details on internet too on HTTP Rest request or other methods using HTTP. Could you please elaborate more onto  suggested approach. Thanks in advance.2020-09-15_17-36-53.jpg

Take a look at the following walkthrough.

https://www.c-sharpcorner.com/article/power-automate-break-inheritance-and-set-list-item-level-permi...



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

Join me at 365 and Pwr EduCon in Chicago
EduCon Chicago 2022

Anonymous
Not applicable

Thanks @Pstork1 for sharing documentation on REST API . By the looks of it , I feel it would help me achieve what I intend to do. I would try this and let you know.

I have a question though ,as we are breaking default inheritance , would this method work when a User require Write access for Creation of SPO Record through a form.And once a record is entered in SPO List the inheritance or default permission would stop working preventing this user updating a record ? I noticed the trigger event in flow for SPO Create and Modified event . 

You are breaking inheritance at the list item level. So the user will still have contribute access to the list itself.  That will let them create new items.  But they will be limited to whatever permission you assign for that one record that you break inheritance on.



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

Join me at 365 and Pwr EduCon in Chicago
EduCon Chicago 2022

Anonymous
Not applicable

Thanks for the confirmation, @Pstork1 .

 

Such that it helps other too  and to reiterate this solution, I am mentioning below steps that need to be incorporated 

 

- I have two set of users ,internal and external. Only internal users should have access to update a record once its created by external user/s.

- I will create two Access groups within SPO , Group A (Internal Users - Contribute access) , Group B (External Users - Contribute access)

- While using Sharepoint REST API, I would only give permission to Group A users to update a record. Group B users would be restricted along with Created By ID. Could I just use Group B as a restricted ID as anyway Created BY would be an external user already part of Group B.

 

Thanks 

Spoiler
Yes, that should work.


-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

Join me at 365 and Pwr EduCon in Chicago
EduCon Chicago 2022

Anonymous
Not applicable

Hi @Pstork1 

 

It worked. Many thanks for your help 

Helpful resources

Announcements
Super User 2 - 2022 Congratulations 768x460.png

Welcome Super Users

The Super User program for 2022 - Season 2 has kicked off!

Power Platform Conf 2022 768x460.jpg

Join us for Microsoft Power Platform Conference

The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.

<
Users online (2,592)