cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Supercival
Frequent Visitor

User can only see and edit their own information and data within the App

I am currently in the process of making a project report app for the Project Management Department of our company. I used a gallery to display the project list and the date of project updates. Users will input and submit their data in the project updates part of the app and everyone can view all the project details and updates in the project reports part of the app. The users log sensitive data in the app that goes straight to a sharepoint list. It is crucial that other users are not able to view the data that other users log in the app.

 

Is there a way that users can only view their own project data that they input in the app? Also, project managers can view all the data for monitoring purposes. This needs to be a 100% secure solution. 

 

Thank you.

4 REPLIES 4
WarrenBelz
Super User
Super User

Hi @Supercival ,

There are two ways depending on your data source. If SharePoint you can set this in List Settings, where the user can only access records they create. The other way is to have their name or email in the record and filter any gallery they can see with a match to User().FullName or User().Email.

 

Please click Accept as solution if my post helped you solve your issue. This will help others find it more readily. It also closes the item. If the content was useful in other ways, please consider giving it Thumbs Up.

 

 

two clarifications to what @WarrenBelz said.

1) If you go the list settings option then managers will need a higher level of access to be able to do anything with items they don't create.

2) Filtering the gallery by User value isn't security.  If the user goes to the SharePoint list they will have full access to all the items.

 

Its a lot more work, but the only way to truly limit what people can see in the list is by managing the permissions settings at the item level using HTTP REST calls.  This is usually done in Power Automate called from Power Apps.



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

Thanks @Pstork1 ,

All of that is correct, particularly the manager access (which is why I use the second one).

An addition I might mention is if you use the User().FullName filter in Power Apps and give users a custom permission level in SharePoint based on Contribute, but unchecking View Application Pages, they cannot view anything in SharePoint (we do this with our field staff who use Power Apps on mobile devices).

 

Please click Accept as solution if my post helped you solve your issue. This will help others find it more readily. It also closes the item. If the content was useful in other ways, please consider giving it Thumbs Up.

I hadn't thought about removing the View Application pages permission.  



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

Helpful resources

Announcements
Power Platform Conf 2022 768x460.jpg

Join us for Microsoft Power Platform Conference

The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.

Carousel_PP_768x460_Wave2 (1).png

2022 Release Wave 2 Plan

Power Platform release plan for the 2022 release wave 2 describes all new features releasing from October 2022 through March 2023.

365 EduCon 768x460.png

Microsoft 365 EduCon

Join us for two optional days of workshops and a 3-day conference, you can choose from over 130 sessions in multiple tracks and 25 workshops.

Top Solution Authors
Users online (3,364)