Learn with

Voxtus
Implementing Role-Based Access Control (RBAC)

Role-Based Access Control (RBAC) is a system where access is assigned based on the user’s role within the organization. This approach ensures that users only have access to the data and features that are relevant to their role.

i. Assigning User Roles in Power Apps

Power Apps can identify the user currently interacting with the app through the User() function, which returns the current user's email, full name, and image. Based on this, you can assign roles and show/hide controls accordingly.

Implementing Role-Based Access Control 1
Example:
If(User().Email = "LearnWithVoxtus@53ldh0.onmicrosoft.com", "Manager", "User")
ii. Creating Role-Based Access Logic

You can implement role-based access by creating collections or variables that store the roles and permissions for each user. Based on these values, you can dynamically show or hide elements or restrict actions within your app.

Example:
Set(gblCurrentUserRole, 
    LookUp(colUserRoles, Email = User().Email, Role)
);

In this example, the colUserRoles collection contains a list of users and their respective roles. The LookUp function checks the user's email and assigns the corresponding role to the gblCurrentUserRole variable.

iii. Controlling Visibility Based on Roles

Once roles are assigned, you can control the visibility of controls and screens using the Visible property based on the role.

Example: To hide certain buttons or screens from non-admin users:

Code:
'Created By'.'Full Name'=User().FullName
Implementing Role-Based Access Control 2
Implementing Role-Based Access Control 3

As here we have two different users and user can see only there data the detail gallery.

You can apply similar conditions to enable or disable controls, buttons, and even data submission functionality.

iv. Example of Role-Based Filtering in Galleries

You might want to show specific records to certain roles. For example, managers can view all records, while regular users can only view their own. Use the following logic to filter the gallery data based on roles:

Implementing Role-Based Access Control 4
Sort(
    Filter(
        'Student Infos', 
        (IsBlank(TextInput1.Text) || StartsWith('Full Name', TextInput1.Text)) && 
        (IsBlank(cmbSearchAge.Selected.Value) || Age = cmbSearchAge.Selected.Value) && 'Created By'.'Full Name'=User().FullName
    ),
    'Full Name',
    SortOrder.Ascending
)

This logic ensures that the gallery shows all items for managers and filters the items for regular users based on their email address.

Previous Next