Power Platform Community Forum Thread Details

Hello all! I'm hoping someone has some experience using dataverse tables/business units with canvas apps. I'm trying to leverage how business units keep data segregated based on user, business unit, parent: child, or organization. I'm having an issue where if I create a record, someone else in the same business unit can't see the record. There are two different security roles: contributor (submits) and approver (approves). Same business unit, but each user is in a different security role. If I set the approver security role to view of business unit, the approver can't see the record. If I set it to parent:child, the user can see the record. As part of the environment setup, I did need to enable the feature in the image, and I suspect that it is the source of the issue where business units aren't working well. Other issues include a user in a business unit being able to see records entered at the root business unit, not all records in the business unit, or in one case a record from another business unit.

I turned on the imaged feature to allow for power automation to change business units. Adding users to security roles is done through the app interface, and I needed to change the user's business unit to reflect the organization they are assigned to since the person adding the individual is not allows of the same business unit. Also, some data comes through dataflows and is initially at the root business unit and needs to be updated. I confirmed that users are in the correct business unit within the User table, that when the record is created it is in the correct business unit, and that each user is only assigned to one security group preventing conflicting permissions.

As a related issue that might help provide some context, gallery controls are also showing all records contained within the environment instead of showing the user the records associated with their business unit.

Hopefully, someone has some suggestions that I can take a look at.

Categories:

Building Power Apps

Hello.

So you say the people on the same business unit that has the roles contributor and approver can't see the record that user create. For that you must use the security role for that. For the entity that you want to setup you must set read as 'User' in that case only the person who created the record it will be able to view, even they are on the same business unit.

Regarding to the feature "Record ownership across business Units", means that records can be assigned to users that are from other business units. The user it will remain with only one business unit related. But of course the user must have correct rights to be able to access the record. For that this feature allows to assign roles from other business unit that does not belong to them.

Let's Say that you have BU A and BU B, you have three user on A and two users on B. Let say that you to people on business unit B can see it the records on business unit A, for that scenario, when the feature is turned on, you will be able to get a security role from Business unit A and assign to the user from business unit B. And this role has read on level "Business Unit". For that the users in the BU B it will be able to see the record from Business Unit A and from Business Unit B

If my answer helped you, please give me a thumbs up (👍). If solve your question please mark as answer ✔️. This is help the community.