Problem Statement
We have a Model-Driven App built using Microsoft Power Apps where RFQ records are managed. The RFQ table is integrated with SharePoint for document management using the standard SharePoint document component.
Current Setup
• Each RFQ record automatically creates a corresponding folder in SharePoint using automation.
Example:
RFQ#120 → SharePoint folder RFQ#120 with multiple subfolders.
• The PowerApps form contains multiple tabs, and each tab maps to a specific SharePoint subfolder.
• We have two security roles in PowerApps:
  - General Users
  - Confidential Users
• Access structure:
Additional Complexity
RFQ records are also restricted by owner teams.
Each RFQ belongs to a specific account team.
Example:
Teams can contain a mix of General and Confidential users.
The intended behavior:
• A Tata team member should only see Tata RFQs and Tata SharePoint documents.
• A Mahindra team member should only see Mahindra RFQs and documents.
• General users should never access confidential folders.
• Confidential users should see both general and confidential folders.
Current Issue
When users access the SharePoint document component within PowerApps, they are able to navigate through the SharePoint library and access folders that should not be visible based on PowerApps security roles.
This occurs because SharePoint permissions are not automatically aligned with PowerApps security roles or team ownership.
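The intended behavior listed above can be written down as an explicit policy and compared against whatever permissions SharePoint actually holds for each folder. The sketch below is an added example, not part of the original post and not Microsoft code. The user names, RFQ#121, the General/Confidential subfolder names and the inherited permission set are constructed, and the actual permissions are assumed to have been exported from SharePoint by some other means.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    name: str
    teams: frozenset      # owner teams the user belongs to
    confidential: bool    # True = Confidential Users role, False = General Users

@dataclass(frozen=True)
class Folder:
    path: str
    team: str             # account team that owns the RFQ
    confidential: bool    # True for a confidential subfolder

def may_access(user, folder):
    """Intended rule: team must match AND role must cover the folder's sensitivity."""
    return folder.team in user.teams and (user.confidential or not folder.confidential)

def expected_acl(users, folders):
    """Folder path -> set of user names that should have access."""
    return {f.path: {u.name for u in users if may_access(u, f)} for f in folders}

def audit(users, folders, actual_acl):
    """Return (path, user, 'excess' | 'missing') for every deviation from the policy."""
    expected = expected_acl(users, folders)
    findings = []
    for f in folders:
        actual = actual_acl.get(f.path, set())
        findings += [(f.path, n, "excess") for n in sorted(actual - expected[f.path])]
        findings += [(f.path, n, "missing") for n in sorted(expected[f.path] - actual)]
    return findings

# Constructed sample data (hypothetical users and folder names).
USERS = [
    User("asha", frozenset({"Tata"}), False),
    User("ravi", frozenset({"Tata"}), True),
    User("meera", frozenset({"Mahindra"}), False),
]
FOLDERS = [
    Folder("RFQ#120/General", "Tata", False),
    Folder("RFQ#120/Confidential", "Tata", True),
    Folder("RFQ#121/General", "Mahindra", False),
]
# Constructed "actual" state: every folder inherits library-wide access.
INHERITED = {f.path: {u.name for u in USERS} for f in FOLDERS}

if __name__ == "__main__":
    for finding in audit(USERS, FOLDERS, INHERITED):
        print(finding)
```

With library-wide inheritance every finding is an "excess" grant, which is the cross-team and confidential-folder exposure described in the Current Issue section.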