User-based Security in PowerApps

Ever had the need for everyone in a company or department to have access to an App, however, in it they should only see items that you’ve allowed them? Not leveraging any groups but instead allowing the ability to pick users and give them access to view specific items and then have the option to remove it? If this has piqued your interest then you’ve come to the right place!

Scenario:

This is an app used by a school teacher, Daniel Christian to save all the test scores. The app provides Daniel the flexibility to share the test scores with the students. Brian can retract that permission at any time.

Requirements:

  • Any PowerApps subscription that allows you to build apps
  • Office 365 Users
  • A data source. In this example, I’ve used SQL

Important formulas:

These formulas will make sense after watching the video

This is a key formula for the users who use the app to only see the items they have access to.

 

The ‘+’ icon’s OnSelect takes you to the AddEdit screen and gives assigns the true value to the AddVar variable. This will set all the controls in the AddEdit screen as blank and allow the hints to show.

The pencil icon’s OnSelect also takes you to the AddEdit screen but assigns the true value to the EditVar variable. This will set all the controls in the AddEdit screen with values from the selected item in the gallery.

The save or check icon’s OnSelect checks to see if new this is a new item or editing an existing item. If it is a new item then Daniels’s email address is hardcoded into the Contribute column. If it is an edit item then

If(AddVar=true,
Patch('[dbo].[Test]',Defaults('[dbo].[Test]'),
{
StudentName:StudentNameTextInput.Text,
Test:TestNameDropdown.SelectedText.Value,
TestDate:TestDateDatePicker.SelectedDate,
Teacher:TeacherNameTextInput.Text,
TestScore:Value(TestScoreTextInput.Text),
HighestScore:Value(TopScoreTextInput.Text),
Contribute:If(AddVar=true,"daniel.christian@M365x299233.onmicrosoft.com",EditVar=true,Concat(AccessMembersGallery.AllItems,Result," "))
}),
EditVar=true,
Patch('[dbo].[Test]',Gallery1.Selected,
{
StudentName:StudentNameTextInput.Text,
Test:TestNameDropdown.SelectedText.Value,
TestDate:TestDateDatePicker.SelectedDate,
Teacher:TeacherNameTextInput.Text,
TestScore:Value(TestScoreTextInput.Text),
HighestScore:Value(TopScoreTextInput.Text),
Contribute:Concat(AccessMembersGallery.AllItems,Result," ")
}))

;Set(AddVar,false);Set(EditVar,false);Reset(ADS1AdminSearchComboBox);Reset(ADS1AdminSearchTextInput);Navigate(MainScreen,ScreenTransition.Fade)

The AddEditScreen’s OnVisible takes the Contribute value and splits it into separate values to show up individually in a gallery.

Then submit button’s formula


You can refer to the formulas sheet I have attached to this blog which has all the formulas described in the video.

Conclusion:

Everyone by default should have access to the app, however, unless they have been provided the granular level permission, they cannot see the items in the gallery and therefore will not be able to see the data. This methodology makes it much easier to handle and provides the end-user the flexibility to provide user-based security.

 

Formula’s cheat sheet:

 

App>OnStart
Set(AddVar,false);Set(EditVar,false)
_____________________________________

MainScreen>Gallery1>items

Search(‘[dbo].[Test]’,User().Email,”Contribute”)
_________________________________________________________
Mainscreen>PlusIcon>OnSelect
Set(AddVar,true);Navigate(AddEditScreen,ScreenTransition.CoverRight);Refresh(‘[dbo].[Test]’)
_________________________________________________________

MainScreen>PencilIcon>OnSelect
Set(EditVar,true);Navigate(AddEditScreen,ScreenTransition.UnCoverRight);Refresh(‘[dbo].[Test]’)
_________________________________________________________

AddEditScreen>OnVisible>
ClearCollect(AccessMemberCol,Split(Gallery1.Selected.Contribute,” “))

_________________________________________________________
Add ADS1AdminSearchTextInput
Add ADS1AdminSearchComboBox. Items
Office365Users.SearchUser({top:999,searchTerm:ADS1AdminSearchTextInput.Text})

Add ADS1AdminSearchButton. OnSelect
Patch(AccessMemberCol,Defaults(AccessMemberCol),{Result:ADS1AdminSearchComboBox.Selected.Mail})

_________________________________________________________

AddEditScreen>SaveIcon>OnSelect

If(AddVar=true,
Patch(‘[dbo].[Test]’,Defaults(‘[dbo].[Test]’),
{
StudentName:StudentNameTextInput.Text,
Test:TestNameDropdown.SelectedText.Value,
TestDate:TestDateDatePicker.SelectedDate,
Teacher:TeacherNameTextInput.Text,
TestScore:Value(TestScoreTextInput.Text),
HighestScore:Value(TopScoreTextInput.Text),
Contribute:If(AddVar=true,”daniel.christian@M365x299233.onmicrosoft.com”,EditVar=true,Concat(AccessMembersGallery.AllItems,Result,” “))
}),
EditVar=true,
Patch(‘[dbo].[Test]’,Gallery1.Selected,
{
StudentName:StudentNameTextInput.Text,
Test:TestNameDropdown.SelectedText.Value,
TestDate:TestDateDatePicker.SelectedDate,
Teacher:TeacherNameTextInput.Text,
TestScore:Value(TestScoreTextInput.Text),
HighestScore:Value(TopScoreTextInput.Text),
Contribute:Concat(AccessMembersGallery.AllItems,Result,” “)
}))

;Set(AddVar,false);Set(EditVar,false);Reset(ADS1AdminSearchComboBox);Reset(ADS1AdminSearchTextInput);Navigate(MainScreen,ScreenTransition.Fade)

_________________________________________________________

AddEditScreen>TempLabel>Text

Concat(AccessMembersGallery.AllItems,Result,” “)

***

Did you enjoy learning about PowerApps with Daniel? Would you like to learn how to create responsive design in Microsoft PowerApps? The best of both worlds is just a click away!

 

MORE KNOWLEDGE PLEASE

Schedule your free demo!

Want to make your life much easier and work more effective? Yes! We’re more than happy to schedule a demo with you! Just contact us and we’ll get back to you.

We keep your information safe. Read more from our Privacy Policy.