I created a PowerApp with a Sharepoint custom list as the data source. I granted all 315 users of the app "Site Member" status (R/W/E).
Solved! Go to Solution.
If you are using a SharePoint custom list as a backend to a stand alone PowerApps app then I am not aware on any way to block them from accessing the SharePoint list because the PowerApps/SharePoint intergration requires the user to have access.
I would recommend creating a PowerApps custom form in the SharePoint library. Then give the users contribute access to the list to prevent any user from changing your PowerApps custom form. After that go into the List Settings page and click on Advance Settings and set the "Quick property editing" to "No". This prevents users from bypassing your custom form and adding or changing items in the quick edit view or the details pane.
Hi @Jeff_Thorpe, Thanks for the response.
This is indeed a stand alone PowerApp with SP List as a back end.
Unfortunately, creating a PowerApps custom form in the Sharepoint Library would necessitate developing another "app" then supporting two versions of the same. I can't go there with this particular project. \
Hm. Bummer. Would be nice to have the ability to control access to the "back end" of the app. I think whats missing is the concept of an APP ID between stand alone PowerApps and Sharepoint lists.
Ideally, I would control USER access to the PowerApp via AD Security Groups, then control APP access to the Sharepoint list with an App ID. Then only the APP has read/write/delete/etc. permissions on the list, not individual USERS.
Aha! Our AWESOME internal Sharepoint Admin showed me a method that just might work. I'll line it out here before I try it:
How to prevent PowerApps users from editing a Sharepoint List:
What should happen is that PowerApps USERS with the SP List URL will be presented with the custom message. Site Owners will get to see the List itself and make edits/etc.
I'll try to implement this (next week) and report back.
Do you want to assign all 315 users of your app access permission rather than edit permisson to the SP list?
Have you solved your problem?
If you only want to assign all 315 users of your app access permission rather than edit permission to your SP list, you could consider take a try to assign "Site Visitors" permission (Read-Only) to them.
More details about assigning "Site Visitors" permission to SP list, please check the following gif image:
In addition, I also agree with the solution that you provided. If the issue is solved on your side, please go ahead and click “Accept as Solution” so that this thread will be marked for other users to easily identify.
RE: Do you want to assign all 315 users of your app access permission rather than edit permisson to the SP list?
RE: Have you solved your problem?
RE: If you only want to assign all 315 users of your app access permission rather than edit permission to your SP list, you could consider take a try to assign "Site Visitors" permission (Read-Only) to them.
When I find the solution, I will post it back. Thanks for your input.
I have posted a video that demonstrates adjusting List item permissions based from PowerApps / Flow that I think will be useful -
Hopefully it helps!
This will not solve the problem, tho.
If the link for the original list leaked, it is as well possible, that the link to your temp lists will soon be known to your coworkers.
So they just go ahead and make changes to the temp lists which will then duplicate to the original data source.
Here’s how I did it...
In your list give everyone vistior acces so they can see the data but not edit. Create a field for field structural copy of the list name it something like temp-list. Give everyone write access to this list. In your power app, pull the record from the original list. Base your update form on the temp-list. Create a flow using a user That has enough privilege to write to the original list. Attach it to the temp list and have it update the original list with the new data then delete the new data from the temp list. You must trigger the flow from the temp list create or update trigger and not directly from the flow. Auto triggered flows will use the elevated permissions of the flow creator.
This would be a nice approach for this problem.
Join us next Wednesday for our Demo Extravaganza, October 16, 2019 8am PDT.
Join us for an in-depth look at the new innovations across Dynamics 365 and the Microsoft Power Platform.
Continue your learning in our online communities.
Features releasing from October 2019 through March 2020
Coming to a city near you
Fill out a quick form to claim your user group badge now!
Connect, share, and learn with your peers year-round
Register by September 5 to save $200