Showing results for 
Search instead for 
Did you mean: 
Frequent Visitor

Edit mode based on CDS/dataverse Security

Hello here,


I've a special case and I'm blocked with the complexity...

In fact, I've a model driven app which is used to create/update the cartography of projects of my customer. So, this app uses approximatively 5 or 6 entities from the dataverse. Of course, the security to update some entities is done via owner team (some people are associated to the project via a sector) and/or access team (some persons are associated without defined rules...)
It works very well as model driven app but they want to have an extra canvas app (stand alone) to handle a specific use case (the goal is to render this feature more accessible for the persons impacted without going to the model driven app).


Everything is ready BUT i can't check easily if the user connected to the canvas app has the privelege to update the project BEFORE to try to save the project. Indeed, when the user clicks on the button Save, the function "submit(form)" is called and the system returns an error. I would like to be notify of this when the record is loaded (it's more user friendly to see that the record is on "read only" mode than trying to update and have an error so late).


When I check on forum or internet, I don't find any easy solution for that. Yet there, all we have to do here is to "fake" the submit form (and of course, if I call the function submit form without a change, it's always a success even if the user doesn't have the security role to update this record...). I could update a useless field to force this check but it's a too bad to make an update each time a user (with the good priveleges) looks this record (if my teacher will see it, he will kills me 😵). Moreover, we will lost the "real values" from the fields modified by/modified on which are useful for my customer


And it's difficult to check manually if the user has the right priveleges because I need to 

  • Retrieve all the access/owner teams linked to the current User (I can do it in fetchxml but in canvas app/power automate, I don't see how to do that)
  • Retrive all the access/owner teams linked to the current Project (I don't know if it's possible to have this mixed list of teams...)
  • And compare the result...

==> for me, it's too much complex for maintainability reason (and to be sure that the behavior will be always the same for the Canvas App and the Model Driven App)


I can't imagine that I'm the only one with this scenario 🙂

Thank you for you help.





Solution Sage
Solution Sage

HI @R4isin ,


Please check out the following article on checking access to the entity in code.  Hopefully you can utilize this approach to "check" first. 


If this helps, please mark accepted.




Thanks for your response.


The requirement from our customer is to be the most "no code" as possible but I guess that this the only way to get that.

But to be honest, I never call a c# code from a Canvas App.
What is the best practices here ?

Thanks again for your help.



Solution Sage
Solution Sage

Hi @R4isin .


Not sure on how to call but this looks like an interesting approach that you might look at...  Sorry if not down the right path to call from canvas app. 



Helpful resources

PA User Group

Welcome to the User Group Public Preview

Check out new user group experience and if you are a leader please create your group

MBAS Attendee Badge

Claim Your Badge & Digital Swag!

Check out how to claim yours today!


Are Your Ready?

Test your skills now with the Cloud Skill Challenge.

Top Solution Authors
Users online (58,652)