I would like to use PowerApps to create a Holiday Request app which links to a SharePoint list, where I am coming stuck is understanding how to prevent a user from going directly to the data source and editing, or removing their request, later, as they will have permissions to it in order for the PowerApps app to work.
There are lots of use cases where it is OK for all users to have access to the data table, wherever it is held, but for this use case, or perhaps a survey where you would like to keep results private, I cannot see how PowerApps with a SharePoint list can achieve this.
I am also unable to find anyone talking about this on the forum or in blogs, so I feel like I may be missing something obvious!
Any thoughts, tips or info on how other people have dealt with this would be much appreciated!
What i understood in this question is, you want people to go to another screen without going to the main source.
That's actually very easy to accomplish! To do so, is add a new screen in powerapps and put that screen, the first screen of all! When powerapps is started, it will lead the users to the screen! Then you just need to use the Navigate coding, to lead the users to whatever screen you want!
Don't forget that, after they submit an Answer, they will go the the "Source" data. To avoid this, go to the editform1, and go to OnSuccess screen, and then change to:
Navigate([INSERT SCREEN HERE], None)
I hope that you find this usefull, if you need any help just say so 😄
Thank you for your response, but unfortunately this is not my concern.
The scenario I am thinking of is: I create a Holiday Request app which updates a SharePoint list. If a user requires permissions to the SharePoint list to be able to submit a holiday request, what is to stop them from navigating directly to the SharePoint list and editing their previous holiday requests - i.e. to be able to get extra days off?
Hey there @MikeTwister,
I'm sorry, but i can't think in a solution for that... What you can use is the OnStart mode, but you have to search a little deeper since i am not able to give you such coding to what you want...
What i can say is, make a person being able to ONLY answer once, so they can't add once or twice...
I know this isn't what you are looking for, so sadly... you will have to wait for a good answer...
I have exactly the same issue, to separate data access from process was not a big deal in workflows, but in PowerApps something like this is not possible, which is really shame in my mind... As it is really not compliance to just give eveybody full access to everywhere...
I have already created idea on this topic, feel free to vote for it:
Yes, unfortunately there are no access restrictions as of yet. I have similar situation where in my organization I have a Travel Request App and it connects to a SharePoint list. I just keep the SharePoint list hidden from the users so they have no easy access to it (you can only access the list by using direct URL). I imagine tech savvy employee would be able to find the list but for now it works as we believe people will behave ethically.
I would be interested if there is something in the plans from the PowerApp developers to do something like that where PowerApps have their own access rights to the list and the list is locked from editing from individual people.
Also, I think if you create an app using CDS people will not be able to manually edit the data source, however every user will have to have PowerApps plan 1 license.
I'm glad it's not just me - there didn't seem to be a lot of other people out there coming up against this.
I have voted for your idea.
I don't have a link, but I am pretty sure I saw a Microsoft post, or a Microsoft employee responding to a blog post question, saying that they are working on at least having Flows run independently of the user.
Thank you for your response - I think relying on honesty seems to be the best option at the moment.
I will look in to the CDS option further.
An ideia that i have got, but it would take some time, is to create the same app for different users... You don't have to create from scratch, since you can go to Save As, and it will create the exact same app, but in a other app! What you can do is, do something for users that have one type of permissions in one app, and the other app, something for other type of permissions! It would take a little much time, since you had to put the people's name one by one, and modify those all the time, to whatever suits your needs, but both share the same Sharepoint list!
I hope this can you at this moment!
I am not sure that we understand each other. Our biggest problem is not to split the roles.
We need to prevent users which need to be able to modify list via application, should not have access directly to the source list.
Your suggestion is to split them to readers/editors... But it still doesnt not solve our issue that editors will have access directly to the source.