Access Restriction in a Canvas App Using a SharePoint Group and Power Automate


In this Power Apps Tutorial,

We will discuss how to restrict users from accessing certain features in a canvas app, while other users can still see and use features.

How to use SharePoint action in Power Automate to authenticate a user.

Why to Restrict Access?

In any App, there’s always more than one type of user. For example, there will be customers, staff, administrators, in business management application. An administrator will have access to everything meanwhile, staff will have limited access however a customer can only access his data.

Therefore, we need to make sure that we restrict users from interacting with specific data or features. For example, using Power Automate, we can hide anything in our Canvas App from users so that they do not interact with it. With the help of SharePoint group we will come to know how has access and who does not.

1.     Create a SharePoint group.

Navigate to SharePoint site click on setting and site permission.








Next click on Create Group










A New window will get open please Name and About Me Description, Owner, Group Settings, Give Group Permission to this Site.

After creating the group, add a user to it.

















2.     Create a Flow to Authenticate Users

Create an instant flow with PowerApps as a trigger and add three variables.

Email: This will be an input from the canvas app.

User Info – We’ll store user information that SharePoint API will fetch.

Should Access – This will initially be false.






















Now Add the 'Send HTTP Request to SharePoint' action.















Now let us add a condition where we will check if the result is empty or if it returns the information about a user.

In the 'value' property of the 'Condition,' add an expression. This expression will extract the length of the 'results' array from the http response.

Expression:

length(body('Send_an_HTTP_request_to_SharePoint')?['d']?['results'])

















If the length is 0, the user is not present in the SharePoint group. This is all we need to authenticate a user. Now, if you remember, we already initialized a 'ShouldAccess' variable as false. Therefore, we will only update this variable as true when the above condition is false, which means the 'results' array is not empty

So, in the 'No' section after the condition. Then, add the 'Set variable' action and update the 'ShouldAccess' variable as true. We are almost done but let us send the response to the canvas app using the 'Respond to PowerApps' action.


3.     Create a Canvas app.


















Hide Elements in the Canvas App Using Global Variables

Select your current screen -> Action -> Power Automate -> RestrictingAccess








































Now in the formula bar of 'On Visible' property, add this formula:

Set(CheckUser, RestrictingAccess.Run(User().Email));

Set(

    IsVisible,

    If(

        Lower(CheckUser.shouldaccess) = "true",

        true,

        false

    )

)
















Set(IsVisible) is another global variable we are using to check if the response is true or false. We will use this variable on Admin Button to hide it from staff.


















In some scenarios where you don’t want to hide the features entirely from the user but also want to restrict them from using them. In such a case, you can use the DisplayMode property of the admin icon.

If(IsVisible, DisplayMode.Edit, DisplayMode.Disabled)


















Let run the app and check the uses exist in this group while able to see the admin button is disabled.




Comments

Post a Comment

Popular posts from this blog

How to implement approval in Teams using Adaptive Cards

Image
  Adaptive Cards are self-contained user interface components that transcend platform boundaries. Crafted in JSON format, these snippets of UI can be seamlessly exchanged between applications. Upon reaching a particular application, the JSON content is dynamically rendered into native UI elements, seamlessly blending with the app's aesthetic. This approach facilitates the creation and seamless integration of lightweight UI elements across diverse platforms and frameworks. User Story: We're preparing to implement a leave approval workflow in Teams utilizing adaptive cards. Employees will submit their leave requests, and line managers will receive notifications within Teams. Step 1 – Design the Adaptive Card Prior to establishing the flow, let's initiate the card design process using the designer tool to ensure readiness. Visit https://adaptivecards.io/designer/   to access the designer interface and adjust the 'host app' setting to Microsoft Teams – Light /...
Read more

Open canvas app with Customize the command bar using command designer

Image
  This topic guides you through creating and editing modern commands using the command designer and Power Fx. Create a new model-driven app using modern app designer 1.      Sign into  Power Apps 2.      On the left navigation pane, select  Solutions  and then open or create a solution to contain the new model-driven app. 3.      Select  New  >  App  >  Model-driven app 4.      Select  Modern app designer , and then select  Create .    Enter a  Name  for your app, and then select  Create . More information:  Create a model-driven app that has an account table page 1.      On the left navigation pane, select  Solutions , and then open the solution containing the existing model-driven app. 2.      Select the model-driven app, and then select --  >  Edit ...
Read more

Create email templates in dynamic 365 and send email using Power Automate

Image
We can utilize email templates with Power Automate to send emails. Follow these steps to use email templates with Power Automate. ·         Create Email Template in dynamic 365. ·         Configure Power Automate to Email Template. Create Email Template in dynamic 365: Navigate to Power Platform admin center, navigate to the Environments tab, and select your environment you wish to create email template refer below screen short. Click on setting and look for Templets and click on Email Template. Click on new on tool bar. The Email Template Type dialog box will open. Select the desired entity and then click OK. On the template form, provide a name for your email template and, if desired, add a description. Note that the email template name and description will not be visible to the recipient. Enter the text you want to send in the message. Use the formatting toolbar to edit and style your...
Read more

HTTP Request Methods

Image
  1. 𝗚𝗘𝗧 : GET Method is used to request information from a website, Server or from API. Example: GET/api/employee/{employee-id}   2. 𝗣𝗢𝗦𝗧 : POST Method is used to create a new resource in server. We can send data to the server in the request body. Example: POST/api/employee/department   3. 𝗣𝗨𝗧 : PUT Method is used to update an existing record by sending the updated data as the content to request body to the server. Example: POST/api/employee/55445   4. 𝗗𝗘𝗟𝗘𝗧𝗘 : DELETE Method is used to remove resources from the server. Example: DELETE/api/employee/55445   5. 𝗣𝗔𝗧𝗖𝗛 : PATCH and PUT are similar use to updates a resource, but it will update data partially but not fully. Example: PATCH/api/employee/55445{"Name: Employee Name"}   6. 𝗛𝗘𝗔𝗗 : HEAD Method is like the GET but it doesn't have any response body. Example: HEAD/api/employee   7. 𝗢𝗣𝗧𝗜𝗢𝗡𝗦 : OPTIONS Method is used to get the informatio...
Read more

Duplicate Detection in Dynamics 365 using power apps.

Image
  User Case: When setting up a contact in Dynamics 365, verify if a contact with the same email address already exists. If it does, prompt an error message indicating a duplicate email address. Step 1 :  Navigate to make.powerapps.com, screen 1 à Create a Blank Canvas App à Connect with Dynamics 365 Data Source à Connect Contact Entity as Dataset (You can connect other entity also as per your requirement) Step 2:   Screen 2 - Insert a new Blank Screen to show Duplicate Detection Dialog Step 3:   Add few Text Input and Button Controls in Screen 1 or design as per your need. Step 4:  Add below formula on Button Control (onSelect property) to find Duplicate Record. If ( IsBlank ( LookUp ( Contacts , emailaddress1 = Emailaddress_Text . Text )), UpdateContext ({ result: "Duplicates Record not found" }), Navigate ( DuplicateDetectionDailogbox , ScreenTransition . CoverRight ) ) ; You can use following formula also on Button Control (onSelect property...
Read more