cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
EmilyS
Frequent Visitor

Request Leave App - Microsoft template app

Hi there, I have set up the Request Leave app for my company and but there are a few issues which I'm hoping I might be able to get help on.

 

Currently a user could technically send the request to themselves and approve their own holiday, is there a way to lock this down to only their manager and perhaps one other delegate?

 

Also not overly keen on the fact that the database for it is an excel file on OneDrive as users could access the file and see the leave balance and requests of other employees.

 

Any suggestions on how to overcome this?

 

Many thanks 🙂

1 ACCEPTED SOLUTION

Accepted Solutions
v-bofeng-msft
Community Support
Community Support

Hi @EmilyS :

Q1: is there a way to lock this down to only their manager and perhaps one other delegate?

Please try this solution:

Set

ChangeApproverScreen-GalleryChangeApprover's OnSelelct property to:

 

If(ThisItem.Mail=Office365Users.Manager(User().Email).Mail || ThisItem.Mail in ["mail1@xx.com","mail2@xx.com"],
Set(_selectedApprover, ThisItem);
Set(_selectedApproverPhoto, Office365Users.UserPhoto(ThisItem.Id));
Back(),Notify("Invalid approver"))

 

1.JPG

In this way, the user can only choose his manager or designated user as the approver.

Q2: Also not overly keen on the fact that the database for it is an excel file on OneDrive as users could access the file and see the leave balance and requests of other employees.

If you use Excel as a data source, as long as the user has access to this file. Then he can get all the data in the file.
For this, I suggest you use Dataverse table instead of excel table. (You only need to set the user's permission level to user, then he can only access the records he created)

I think these links will help you a lot:

Security concepts in Microsoft Dataverse 

Configure user security to resources in an environment 

Best Regards,

Bof

View solution in original post

2 REPLIES 2
v-bofeng-msft
Community Support
Community Support

Hi @EmilyS :

Q1: is there a way to lock this down to only their manager and perhaps one other delegate?

Please try this solution:

Set

ChangeApproverScreen-GalleryChangeApprover's OnSelelct property to:

 

If(ThisItem.Mail=Office365Users.Manager(User().Email).Mail || ThisItem.Mail in ["mail1@xx.com","mail2@xx.com"],
Set(_selectedApprover, ThisItem);
Set(_selectedApproverPhoto, Office365Users.UserPhoto(ThisItem.Id));
Back(),Notify("Invalid approver"))

 

1.JPG

In this way, the user can only choose his manager or designated user as the approver.

Q2: Also not overly keen on the fact that the database for it is an excel file on OneDrive as users could access the file and see the leave balance and requests of other employees.

If you use Excel as a data source, as long as the user has access to this file. Then he can get all the data in the file.
For this, I suggest you use Dataverse table instead of excel table. (You only need to set the user's permission level to user, then he can only access the records he created)

I think these links will help you a lot:

Security concepts in Microsoft Dataverse 

Configure user security to resources in an environment 

Best Regards,

Bof

View solution in original post

Thanks for your help, this worked! 🙂

Helpful resources

Announcements
UG GA Amplification 768x460.png

Launching new user group features

Learn how to create your own user groups today!

Community Connections 768x460.jpg

Community & How To Videos

Check out the new Power Platform Community Connections gallery!

Welcome Super Users.jpg

Super User Season 2

Congratulations, the new Super User Season 2 for 2021 has started!

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

Users online (1,136)