web
You’re offline. This is a read only version of the page.
close
Skip to main content
News and Announcements icon
Community site session details

Community site session details

Session Id : 9a5ZnYR0LXsFMRof/XUJYP
Power Platform Community / Forums / Power Apps - Microsoft Dataverse / How to implement incom...
Power Apps - Microsoft Dataverse
Unanswered

How to implement incompatable role types in model driven apps

Like (0) ShareShare
ReportReport
Posted on 27 May 2024 11:20:35 by Malli002345 17

Hi team,

I want to implement the segregation of duties(security roles) in my model driven app. Lets say, If am trying to add 'basic user' role and 'system administrator' role to the same user then system should not allow that me to add the user and show some error. I am new to model driven apps. How can I implement this? Please share any documentation for reference. Thanks!

Categories:
General Questions
I have the same question (0)
  • Malli002345 Profile Picture
    Malli002345 17 on 28 May 2024 at 09:08:41
    Re: How to implement incompatable role types in model driven apps

    Yes. I started with plugin but can't able to achieve the output as expected. Any other solution is there that you can suggest me on this please?

  • Malli002345 Profile Picture
    Malli002345 17 on 28 May 2024 at 09:05:52
    Re: How to implement incompatable role types in model driven apps

    Hi Fubar,

    I just mentioned as 'basic user' and 'system administrator' as a example. But, actual roles are different. Let's say like this we created 2 roles 'creator' role and 'approver' roles. If we assign creator role to the user then they can't be approver. System should not allow to assign these 2 to one single user. How can I implement this?

     

    You mentioned we can achieve this using Business Unit structure. Can you please share any documentation/YouTube reference ?

     

     

  • Fubar Profile Picture
    Fubar 8,058 Super User 2025 Season 2 on 27 May 2024 at 22:36:09
    Re: How to implement incompatable role types in model driven apps

    Are asking can you implement something when you assign a User to a Security Role? or how to stop once assigned?

     

    For Assigning a Security role it could be done via a plugin.

     

    Usually to implement separation and segregation of data,

    a) System Administrator is not assigned to general users (only other way is to implement plugins on retrieve and retrievemultiple - I do not recommend this, and users with the System Administrator role can work around it if they really want to by disabling the plugin steps)

    b) Implement a Business Unit Structure, and the BU Structure in combination with your Security Role Privilege levels and record ownership allows the separation and segmentation. 

  • Guido Preite Profile Picture
    Guido Preite 1,488 Super User 2024 Season 1 on 27 May 2024 at 13:41:23
    Re: How to implement incompatable role types in model driven apps

    Dataverse Security Roles are always additive. Maybe you can implement this logic using plugins but it will affect all the environment and not only your model-driven app, however I do not suggest to go through this path.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Announcing our 2025 Season 2 Super Users!
Responsible AI policies for the Community

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Telen Wang – Community Spotlight

We are honored to recognize Telen Wang as our August 2025 Community…

Congratulations to the July Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 637 Most Valuable Professional

#2
stampcoin Profile Picture

stampcoin 570 Super User 2025 Season 2

#3
Power Apps 1919 Profile Picture

Power Apps 1919 473

Last month Overall leaderboard

Featured topics

Product updates

Microsoft Power Platform Community release plans