Skip to main content
News and Announcements icon
Community site session details

Community site session details

Session Id : 96vBLdRDofVXIS6Uuph4xf
Power Platform Community / Forums / Power Apps - Microsoft Dataverse / How to implement incom...
Power Apps - Microsoft Dataverse
Unanswered

How to implement incompatable role types in model driven apps

Like (0) ShareShare
ReportReport
Posted on 27 May 2024 11:20:35 by Malli002345 17

Hi team,

I want to implement the segregation of duties(security roles) in my model driven app. Lets say, If am trying to add 'basic user' role and 'system administrator' role to the same user then system should not allow that me to add the user and show some error. I am new to model driven apps. How can I implement this? Please share any documentation for reference. Thanks!

Categories:
General Questions
  • Malli002345 Profile Picture
    Malli002345 17 on 28 May 2024 at 09:08:41
    Re: How to implement incompatable role types in model driven apps

    Yes. I started with plugin but can't able to achieve the output as expected. Any other solution is there that you can suggest me on this please?

  • Malli002345 Profile Picture
    Malli002345 17 on 28 May 2024 at 09:05:52
    Re: How to implement incompatable role types in model driven apps

    Hi Fubar,

    I just mentioned as 'basic user' and 'system administrator' as a example. But, actual roles are different. Let's say like this we created 2 roles 'creator' role and 'approver' roles. If we assign creator role to the user then they can't be approver. System should not allow to assign these 2 to one single user. How can I implement this?

     

    You mentioned we can achieve this using Business Unit structure. Can you please share any documentation/YouTube reference ?

     

     

  • Fubar Profile Picture
    Fubar 8,023 Super User 2025 Season 2 on 27 May 2024 at 22:36:09
    Re: How to implement incompatable role types in model driven apps

    Are asking can you implement something when you assign a User to a Security Role? or how to stop once assigned?

     

    For Assigning a Security role it could be done via a plugin.

     

    Usually to implement separation and segregation of data,

    a) System Administrator is not assigned to general users (only other way is to implement plugins on retrieve and retrievemultiple - I do not recommend this, and users with the System Administrator role can work around it if they really want to by disabling the plugin steps)

    b) Implement a Business Unit Structure, and the BU Structure in combination with your Security Role Privilege levels and record ownership allows the separation and segmentation. 

  • Guido Preite Profile Picture
    Guido Preite 1,488 Super User 2024 Season 1 on 27 May 2024 at 13:41:23
    Re: How to implement incompatable role types in model driven apps

    Dataverse Security Roles are always additive. Maybe you can implement this logic using plugins but it will affect all the environment and not only your model-driven app, however I do not suggest to go through this path.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Now Available: 2025 Release Wave 2
Welcome to the Power Platform Communities
Announcing our 2025 Season 2 Super Users!

Quick Links

Announcing our 2025 Season 2 Super Users!

A new season of Super Users has arrived, and we are so grateful for…

Paul Stork – Community Spotlight

We are honored to recognize Paul Stork as our July 2025 Community…

Congratulations to the June Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 791 Most Valuable Professional

#2
MS.Ragavendar Profile Picture

MS.Ragavendar 410 Super User 2025 Season 2

#3
mmbr1606 Profile Picture

mmbr1606 275 Super User 2025 Season 2

Last month Overall leaderboard

Featured topics

Product updates

Microsoft Power Platform Community release plans