Skip to main content

Notifications

Power Pages - Security
Suggested answer

PowerPages: Row Level Security based on Account (not contact - '#Portal-YouPortalName')

Posted on by 12
I am creating a PowerPages site where several users from an external supplier need to be able to update the same row in a table (via a form). I want the permissions to work on the external ‘company’ (account) and not the user (contact). I have Entra External ID working and I can manually get everything working but I have a problem with form submission.

When an authenticated user add’s a row to a table, in-built columns such as ‘created by’ are associated with the portal’s ‘service account’ and are of the format

#Portal-YouPortalName

This means if you set form permissions – ‘access type’ to be ‘Contact Access’ or ‘Account Access’, then this doesn’t work because the form, from the dataverse perspective, has been filled in by #Portal-YouPortalName NOT the currently authenticated user.

OK, this is annoying, and if anyone can stop that happening, then that would be great but there is a fix for the contact side of this
  • add a lookup column to the table with its table source as ‘Contact’. Now you could manually choose who you are.
  • If we also go into Power Pages Management / Basic Forms / [choose your form] / Additional settings – then scroll down until you see ‘Associate Current Portal User on Insert’. Select this and you should be able to see the lookup column you created above
  • Now when you submit the form, the authenticated user is stored in the table and ‘contact’ level security works (authenticated users can only see their own data).

That’s great, but there isn’t the same functionality for Account! I can’t get the account information in the form ‘onSubmit’ other than manually.

Any suggestions as the best way to solve this issue?
 
 
Categories:
  • Suggested answer
    Fubar Profile Picture
    Fubar 7,586 on at
    PowerPages: Row Level Security based on Account (not contact - '#Portal-YouPortalName')
    The portal side of things doesn't use the dataverse created by or owner fields in its security model.
     
    When your user submits the Power Pages Form you need to populate the Account / Contact. For a Contact you can populate as you identified in your post or via a Metadata record or Account via a Metadata record (or could also do by a Realtime workflow, or populating via Liquid and JavaScript on the form - least preferred). Also, once your main record is linked, you can use table permissions with Scope = Parent to access child records (i.e. the child records do not need to capture account/contact, unless you want to record who created/modified, if the user can access the parent record)
     
    For users to access records under an Account, you need to have a Lookup to Account defined on the Table, and then populate it - if your portal user (contacts) are using the out out of the box parent Account /Company Name lookup to link them to the the Account then you can populate it using  Form/Step Metadata records. Use the Power Pages Management App, open the Basic Form/Step definition, and then create a Metadata record (if not already a Tab it will be under Related), set its Type = Attribute, for the Attribute Logical Name select the account Lookup field on your table, then in the On Save section tick the checkbox, set Type = Current Portal User, then Form Attribute to the field that holds the Account value. (also, the lookup doesn't need to be displayed on the form)
     
    For populating the Contact via metadata it is basically the same as for an Account but the Attribute is your lookup to Contact, and in the On Save you use the contact (contactid) field.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

November 2024 Newsletter…

November 2024 Community Newsletter…

Community Update Oct 28…

Power Platform Community Update…

Tuesday Tip #7 Community Profile Tips…

Welcome to a brand new series, Tuesday Tips…

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 143,297

#2
RandyHayes Profile Picture

RandyHayes 76,308

#3
Pstork1 Profile Picture

Pstork1 63,890

Leaderboard

Featured topics