PA: 5 of 5 | Best Technique to Security Trim Form Fields – PowerApps Tutorial for Beginners

From time to time you run into that business requirement that requires several roles within the business process, where you need to hide or show fields based on those roles.

In this video we will walkthrough a pattern to build custom roles for a business process, manage them within a SharePoint list, as well as, building business logic to secure form fields based on those roles.

As an example, only show the cost field for Approvers and Admins, or Only allow the description field to be edited if the status is Submitted, or if the current user is an Admin.

When we say “admin” we are not referring to Site Collection admins nor site owners, but rather a custom admin, approver, and buyer roles we invented for our business process.

You will want to watch this video in it’s entirety, as there is a critical security concern that must be addressed when trying to security trim Form fields. You must ensure you “harden” your list(s).

This is a critical technique to grasps, as every business process will have various custom roles, and knowing how to implement this elegantly in PowerApps is essential to your success.

Here’s some Syntax used in this video, you just need to adjust for your ACL list name and/or custom roles that you define.
===================
Determine if the current user is an admin, and sets the global variable to true or false

Set(isAdmin, LookUp(ACL_Equipment, User.Email=User().Email&&Title=”Equipment 2″&&Role.Value=”Admin”, ID 0));

Determine if the current user created the current item

If(User().Email=ThisItem.Author.Email,DisplayMode.Edit, DisplayMode.Disabled)

Also, here is the URL to read-up on the 3 main PowerApps functions: Search, Filter, and Lookup.
https://docs.microsoft.com/en-us/powerapps/maker/canvas-apps/functions/function-filter-lookup

Lastly, when dealing with very large lists, ensure you get an understanding with delegation function calls, and how it will dramatically improve performance.

#powerapps #infopathmigration #sharepoint #microsoft365solutions

? Subscribe to SPClassroom SharePoint and o365 videos – https://www.youtube.com/user/clardo11?sub_confirmation=1

SPClassroom is a collection of sharepoint developer tutorials for SharePoint 2013, SP2016, SharePoint Online, office365, and SPFx SharePoint Developer’s Framework, with a focus on training videos for Power Users, Developers, and SharePoint Architects.

Find More SharePoint Developer Tutorial, o365 Development Training, and SharePoint Training Videos here:

Youtube: https://www.youtube.com/user/clardo11
LinkedIn: https://www.linkedin.com/in/deshonclark
Facebook: https://www.facebook.com/spclassroom/
Twitter: https://twitter.com/spclassroom
Website: http://spclassroom.com
Snapchat: deshon.clark

extradrmtech

Since 30 years I work on Database Architecture and data migration protocols. I am also a consultant in Web content management solutions and medias protecting solutions. I am experienced web-developer with over 10 years developing PHP/MySQL, C#, VB.Net applications ranging from simple web sites to extensive web-based business applications. Besides my work, I like to work freelance only on some wordpress projects because it is relaxing and delightful CMS for me. When not working, I like to dance salsa and swing and to have fun with my little family.

You may also like...