The leave request PowerApps template has been really great for my customization to suit a small office I'm working for. Recently, I have rolled this out for our users but I am concerned about the data source because the excel data file is being shared to users with edit access rights in order to have the apps working. Although the edit access rights have been shared without notification, the file can still be accessed through 'Shared with' under the users' OneDrive account and this is a security loophole.
It will be really helpful if anyone has easy & good solutions on how this security loophole can be mitigated.
Hi @Purikura :
I'm afraid it is not possible to allow users to use PowerApps, without granting those users direct access to the data source.
Currently there is an ideal under review is "Removing user ability to access data source without using the app", I think you should be interested in it.
If you need this feature, please vote for this ideal.
Thank you for your reply.
It is really unfortunate to hear that it's not possible as this is a major security flaw.
I have voted for the idea but it looks like the idea has been around since 2018 and many people are facing the same issues. Do you have a clue when will Microsoft release patches for this?
Hi @Purikura :
I think of another alternative for your reference:
Step1:Create two entities in CDS and then give different permissions to different types of users
Step2:The user submits the request to Entity1 for Adimin to review.
Step3:After Adimin reviewed and agreed, copy the record to Entity2 and delete the record in Entity1.
Step4:Users can modify and review the records in Entit1, and can also see the approved records in Entity2.
In this way, the user can see but cannot modify the approved record, and can modify the unapproved record at any time.
Check out new user group experience and if you are a leader please create your group
Did you know that you can visit the Power Query Forum in Power BI and now Power Apps
Participate in the Power Virtual Agents Community Challenge
Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.