Hi
I need some help RE: Power apps row level security
Can I use the AD connector, to show the AD groups the user is part of and then use an AD group to filter my gallery to hide data that is not their AD group?
Any tips/hints to do this?
Solved! Go to Solution.
Hi @jesenavaranjan ,
The following formula
AzureAD.GetMemberGroups("The email address of the specific user", false)
could get all of the groups a member is a part of.
Best regards,
Hi @Anonymous ,
Could you please share a bit more about your scenario?
Could you please share more details about your Gallery Items data? Could you please share a bit more about data source you used within the Gallery?
Further, do you want to filter your Gallery items to hide data that is not belong to current user's AD groups?
I assume that, you added a column (called "ADGroupName") in your data source (which your Gallery connects to) to store the AD group name to identify the record is belong to a specific AD group, is it true?
If you want to filter your Gallery items to hide data that is not belong to current user's AD groups, I have made a test on my side, please take a try with the following workaround:
Set the OnStart property of the App control or the OnVisible property of the first screen of your app to following:
ClearCollect(
CurrentMemberGroups,
AddColumns(
AzureAD.GetMemberGroups(User().Email, false),
"GroupName",
AzureAD.GetGroup(Value).displayName
)
)
Set the Items property of the Gallery to following:
Filter( 'Your Data Source', ADGroupName in CurrentMembersGroups.GroupName )
In addition, if you want to choose an AD Group from the groups the current user owns, then filter your Gallery items, you could consider add a ComboBox control within your app, set the Items proeprty to following:
CurrentMemberGroups
Set the Items property of the Gallery to following:
Filter( 'Your Data Source', ADGroupName in ComboBox1.Selected.GroupName
More details about Filter function in PowerApps, please check the following article:
Best regards,
HI! thanks for this reply, few questions and clarifications
- Yes, There is an Owning Org column that will mirror the AD group name
- What you've explained below seems to be for groups the logged in user is an owner for? I need to know the groups the user belongs to? and then filter based on that
- I don't just have 1 AD group, I could have 10-20 different divisions - I need the app to match the AD groups the member is a part of, and then filter the data based on these AD groups.
Please and thankyou
Jese
Hi @jesenavaranjan ,
Could you please share a bit more about following?
I need to know the groups the user belongs to? and then filter based on that.
Could you please share a bit more about the "the user" that you mentioned? Is it a specific user?
I think you have some misunderstanding with the AzureAD.GetMemberGroups() formula. The AzureAD.GetMemberGroups() function is used to get the groups a user is a member of (not the owner). Please check the following article for more details:
https://docs.microsoft.com/en-us/connectors/azuread/#get-groups-of-a-user
Based on the needs that you mentioned, I think the solution I provided above could achieve your needs. If you want to get the groups a specific user, please type the following formula:
ClearCollect(
CurrentMemberGroups,
AddColumns(
AzureAD.GetMemberGroups("The email address of the specific user", false),
"GroupName",
AzureAD.GetGroup(Value).displayName
)
)
Best regards,
Hi!
I see
Is it possible to see all of the groups the member is a part of?
As I don't know all the member groups.
Jese
Hi @jesenavaranjan ,
The following formula
AzureAD.GetMemberGroups("The email address of the specific user", false)
could get all of the groups a member is a part of.
Best regards,