cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
Supercival
Frequent Visitor

User can only see and edit their own information and data within the App

‎12-14-2020 09:44 PM

I am currently in the process of making a project report app for the Project Management Department of our company. I used a gallery to display the project list and the date of project updates. Users will input and submit their data in the project updates part of the app and everyone can view all the project details and updates in the project reports part of the app. The users log sensitive data in the app that goes straight to a sharepoint list. It is crucial that other users are not able to view the data that other users log in the app.

 

Is there a way that users can only view their own project data that they input in the app? Also, project managers can view all the data for monitoring purposes. This needs to be a 100% secure solution. 

 

Thank you.

Message 1 of 5
1,548 Views
4 REPLIES 4
WarrenBelz
Super User
Super User

‎12-18-2020 02:19 PM

Hi @Supercival ,

There are two ways depending on your data source. If SharePoint you can set this in List Settings, where the user can only access records they create. The other way is to have their name or email in the record and filter any gallery they can see with a match to User().FullName or User().Email.

 

Please click Accept as solution if my post helped you solve your issue. This will help others find it more readily. It also closes the item. If the content was useful in other ways, please consider giving it Thumbs Up.

 

 

Message 2 of 5
1,510 Views
Pstork1
Dual Super User
Dual Super User
In response to WarrenBelz

‎12-18-2020 03:21 PM

two clarifications to what @WarrenBelz said.

1) If you go the list settings option then managers will need a higher level of access to be able to do anything with items they don't create.

2) Filtering the gallery by User value isn't security.  If the user goes to the SharePoint list they will have full access to all the items.

 

Its a lot more work, but the only way to truly limit what people can see in the list is by managing the permissions settings at the item level using HTTP REST calls.  This is usually done in Power Automate called from Power Apps.



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.
Message 3 of 5
1,504 Views
WarrenBelz
Super User
Super User
In response to Pstork1

‎12-18-2020 04:01 PM

Thanks @Pstork1 ,

All of that is correct, particularly the manager access (which is why I use the second one).

An addition I might mention is if you use the User().FullName filter in Power Apps and give users a custom permission level in SharePoint based on Contribute, but unchecking View Application Pages, they cannot view anything in SharePoint (we do this with our field staff who use Power Apps on mobile devices).

 

Please click Accept as solution if my post helped you solve your issue. This will help others find it more readily. It also closes the item. If the content was useful in other ways, please consider giving it Thumbs Up.

Message 4 of 5
1,498 Views
Pstork1
Dual Super User
Dual Super User
In response to WarrenBelz

‎12-18-2020 05:49 PM

I hadn't thought about removing the View Application pages permission.  



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.
Message 5 of 5
1,491 Views

Helpful resources

Announcements
Power Platform Conf 2022 768x460.jpg

Join us for Microsoft Power Platform Conference

The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.

365 EduCon 768x460.png

Microsoft 365 EduCon

Join us for two optional days of workshops and a 3-day conference, you can choose from over 130 sessions in multiple tracks and 25 workshops.

View All
Users online (3,178)