cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
halifaxious
Resolver I
Resolver I

public and private timeline notes

I'm building a model-driven app where many of the entities have the "Enable attachments (including notes and files)" feature turned on. I'd like to allow users to be able to choose whether to make their note private. Default note permission would be readable by anyone who had read-access to the parent entity.

 

First, how do I configure note permissions so that this is possible?

And second, what control needs to be enabled so that a user can change the visibility of their note?

 

PowerApps permissions are still very theoretical to me. I've read and watched videos but it feels very complex.

1 ACCEPTED SOLUTION

Accepted Solutions
EricRegnier
Super User
Super User

Hi @halifaxious,

Notes and their attachments is one of those out-of-the-box (OOB) features that is limited to the amount of configuration they support. For instance, you can't add custom fields/columns to the Notes entity/table, so letting the user change the visible would be tricky. The method to control the visibility and access is with standard privileges. The challenge is this effect all notes in the system, and can't limit to specific notes for specific records. For ex: if everyone can read notes then set the Read privilege to org-level, but then you won't be able to make some notes private. The only way to make them private is to reduce the privilege level to business unit or user-level. User-level means only the owner of the notes to do the respective privilege assigned, business unit is within the business unit. Business unit does not refer to the organizational business unit, it's a security construct to segregate the data into "units". More info on business units: https://docs.microsoft.com/power-platform/admin/wp-security-cds#business-units
So OOB, you would be able to configure different groups to have different level of access to notes, and that's pretty much it.

EricRegnier_0-1628203905384.png

If you really need the ability for users to mark notes as private or public. I would then suggest to create a custom Note table with a multiline-of-text/memo column and a File type column. Making the note public or private can be done by changing the Owner column. Setup the privileges to user-level only and then you can assign the note to the root business unit team or to the current user to lock it down. You can get fancy by having a custom private/public checkbox column and triggering a Power Automate to automatically assign the Owner.

 

For more info on Dataverse security in general here's a nice video: https://powerusers.microsoft.com/t5/Webinars-and-Video-Gallery/Security-in-Common-Data-Service-CDS/t...


Hope this all makes sense!

View solution in original post

1 REPLY 1
EricRegnier
Super User
Super User

Hi @halifaxious,

Notes and their attachments is one of those out-of-the-box (OOB) features that is limited to the amount of configuration they support. For instance, you can't add custom fields/columns to the Notes entity/table, so letting the user change the visible would be tricky. The method to control the visibility and access is with standard privileges. The challenge is this effect all notes in the system, and can't limit to specific notes for specific records. For ex: if everyone can read notes then set the Read privilege to org-level, but then you won't be able to make some notes private. The only way to make them private is to reduce the privilege level to business unit or user-level. User-level means only the owner of the notes to do the respective privilege assigned, business unit is within the business unit. Business unit does not refer to the organizational business unit, it's a security construct to segregate the data into "units". More info on business units: https://docs.microsoft.com/power-platform/admin/wp-security-cds#business-units
So OOB, you would be able to configure different groups to have different level of access to notes, and that's pretty much it.

EricRegnier_0-1628203905384.png

If you really need the ability for users to mark notes as private or public. I would then suggest to create a custom Note table with a multiline-of-text/memo column and a File type column. Making the note public or private can be done by changing the Owner column. Setup the privileges to user-level only and then you can assign the note to the root business unit team or to the current user to lock it down. You can get fancy by having a custom private/public checkbox column and triggering a Power Automate to automatically assign the Owner.

 

For more info on Dataverse security in general here's a nice video: https://powerusers.microsoft.com/t5/Webinars-and-Video-Gallery/Security-in-Common-Data-Service-CDS/t...


Hope this all makes sense!

View solution in original post

Helpful resources

Announcements
UG GA Amplification 768x460.png

Launching new user group features

Learn how to create your own user groups today!

Community Connections 768x460.jpg

Community & How To Videos

Check out the new Power Platform Community Connections gallery!

Welcome Super Users.jpg

Super User Season 2

Congratulations, the new Super User Season 2 for 2021 has started!

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

Users online (2,592)