The main idea is, in a Power Apps Canvas App, to check role or team of current user to diplay, hide or change the behavior of some informations into your screen.
This post and the following demo are related to Dataverse roles or teams.
Before to keep going you have to understand that:
- Users information are in the systemuser table.
- Security roles information are in the role table.
- Teams information arein the team table.
- systemuser have realtion with team and role.
So let’s open Power Apps and add the following Datasource:
- Office365Users
- Users
- Teams
- Security Roles
The first thing you are going to do, in App.Formulas is to get the current user information from the current user. Then you are just checking if a team or role name or guid is present into the teammembership_association or systemuserroles_association of that user.
fx_currentuser = Office365Users.MyProfileV2();
fx_permissions = {
//Target Team by name
isInAdminTeam: "Admin" in ShowColumns(
LookUp(
Users,
'User Name' = fx_currentuser.userPrincipalName
).'Teams (teammembership_association)',
"name"
),
//Target team by GUID
isInManagerTeam: "e9554cec-10a0-ee11-a569-002248da63d9" in ShowColumns(
LookUp(
Users,
'User Name' = fx_currentuser.userPrincipalName
).'Teams (teammembership_association)',
"teamid"
),
//Target role by Name
hasSysAdminRole: "System Administrator" in ShowColumns(
LookUp(
Users,
'User Name' = fx_currentuser.userPrincipalName
).'Security Roles (systemuserroles_association)',
"name"
),
//Target Role by GUID
hasManagerRole: "f2685975-9762-4321-bf50-6cd868c866ca" in ShowColumns(
LookUp(
Users,
'User Name' = fx_currentuser.userPrincipalName
).'Security Roles (systemuserroles_association)',
"roleid"
)
};
Then on controls, you just need to use this variable.
In the example above, I change the Icon depending if I am admin or not.
Important: We are checking roles and team because, if you are in a team, you are not directly associated to a role. And if the role has been directly associated to the user, he might not be member of the team.
So if I want to go deeper, and based on my previous example, my code will be more as following:
fx_currentuser = Office365Users.MyProfileV2();
fx_permissions = {
//By name
isAdmin: "Admin" in ShowColumns(
LookUp(
Users,
'User Name' = fx_currentuser.userPrincipalName
).'Teams (teammembership_association)',
"name"
) || "System Administrator" in ShowColumns(
LookUp(
Users,
'User Name' = fx_currentuser.userPrincipalName
).'Security Roles (systemuserroles_association)',
"name"
),
//By GUID
isManager: "e9554cec-10a0-ee11-a569-002248da63d9" in ShowColumns(
LookUp(
Users,
'User Name' = fx_currentuser.userPrincipalName
).'Teams (teammembership_association)',
"teamid"
) || "f2685975-9762-4321-bf50-6cd868c866ca" in ShowColumns(
LookUp(
Users,
'User Name' = fx_currentuser.userPrincipalName
).'Security Roles (systemuserroles_association)',
"roleid"
)
};
In this scenario, and Admin is someone who is in the Admin team or who have directly the System Administrator role. And the manager is someone in the Manager team or who have directly the manager role.