cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
AnnaBrodnicki
Advocate I
Advocate I

Prevent people from accessing SharePoint list that the PowerApp is connected to

I'm building a marketing studio time request app that doesn't contain personal information but business sensitive information from the point of view that we don't want people to see other people's submissions due to the inernal politics that might result from it.

 

I am setting up the powerapp so that staff can submit their time requests and then can go back into the app and view/edit their own submissions only using a formula based on user.  The data source is a SharePoint list.  I understand that in order to add/edit from the PowerApp they need to have the relevant permissions for list in SharePoint.  

 

So the PowerApp will act as the front end for the submissions and the SharePoint list will act as the back end for the team processing the submissions.

 

I don't want people in the organisation to be able to access the SharePoint list and view other people's submissions/list items or have the ability to edit other people's submissions/list items.

 

I could hide the SharePoint list as much as I can by not having it on navigations etc and even create a default view that contains bare minimum info in case someone does navigate there but I feel it's still open to being discovered and information viewed.  This is a worry for any future apps that I might create that contain personal data or business sensitive information.

 

Does anyone have any suggestions about the best way to control this and prevent people from accessing the Sharepoint list that the PowerApp is connected to? 

 

Thanks,

 

Anna

35 REPLIES 35
v-monli-msft
Community Support
Community Support

Hi @AnnaBrodnicki,

 

There is no way to prevent your users to access your SharePoint site, but keep their access of the data in PowerApps. You users must have the proper permission on SharePoint list to make it work in PowerApps. You can hide the navigation bar of the list in your SharePoint site, but if your users get the link to the list, they will always be able to access the list.

 

Regards,

Mona

Community Support Team _ Mona Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Hi @AnnaBrodnicki,

 

In the List Advanced Settings, you have the Item Level Permission that allow users to "Create Items and Edit Items that were created by the user". 

I haven't tried to combine this option with a PowerApps yet but you can give it a shot.

 

Théo 

Greath thanks, I hadn't spotted that setting so I will give this a try.

Thanks.  What is  the best alternative to a Sharepoint list if you're dealing with sensitive information?

tchin-nin
Memorable Member
Memorable Member

I would probably say SQL server / Azure SQL since I don't really know CDS for apps. But these 2 datasources appear to be the best for large data set (good delegation) and data exposure.
SharePoint is a good DataSource IMO for teams apps where not to much data complexity and confidentiality is required.

Théo

Thanks, definitley an area I need to start to look into

DavesTechTips
Super User
Super User

Hi @AnnaBrodnicki

 

If you have confidential data SQL would be better, but if you want to use a SharePoint list, you can consider customing the default form in the sharepoint list to be a PowerApp form as well, and just add one control on the Form to tell the user that they shouldn't be here Smiley Wink Attached is what they then see when they try and access an item.2018-09-16_18-27-31.jpg

 

You can then also hide all the detail on the view and prevent users from creating customised views.

 

 

Thank you, that's another thing that I hadn't though of

Adam_116
Advocate I
Advocate I

Hi All,

 

I have the same issue and have been playing around with modifying the SharePoint permission levels. From the testing I have done so far the below seems to work.

 

Would welcome any feedback or flaws spotted on this approach. Aim is to allow users to only add/edit items through the app, and prevent them getting in to the SharePoint (Team Site).

 

1) Modify the Read permissions level to only include site permission 'Open  -  Allows users to open a Web site, list, or folder in order to access items inside that container.'

2) Add users to the 'Site Visitors' group which gives Read permission to the site

3) Stop Inheriting Permissions on the concerned lists

4) Modify the 'Contribute' permissions level to only include: 

Site Permissions - Open  -  Allows users to open a Web site, list, or folder in order to access items inside that container. & View Pages  -  View pages in a Web site.

List Permissions - View Items  -  View items in lists and documents in document libraries. & Edit Items  -  Edit items in lists, edit documents in document libraries, and customize Web Part Pages in document libraries. & Add Items  -  Add items to lists and add documents to document libraries.

5) For the concerned lists give the Visitors user group Contribute access to the the list.

 

Anytime I have tested this with a user (both the Sharepoint URL & List URL) they get the message stating they do not have access/request access.

 

Thanks


Adam

Helpful resources

Announcements
UG GA Amplification 768x460.png

Launching new user group features

Learn how to create your own user groups today!

Community Connections 768x460.jpg

Community & How To Videos

Check out the new Power Platform Community Connections gallery!

Welcome Super Users.jpg

Super User Season 2

Congratulations, the new Super User Season 2 for 2021 has started!

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

Users online (2,215)