
Hi All,
I'm currently facing a challenge with sharing an Excel file for collaborative editing within my team, using SharePoint and Dataverse, and I could really use some advice. My goal is to upload this file to SharePoint and then share it with team members who will have varying levels of CRUD (Create, Read, Update, Delete) rights based on their specific roles. Once the table is created, no new records will be added; I will only need records edited over time.
I initially thought that implementing Row-Level Security (RLS) in Dataverse would be similar to how it's done in Power BI, where you assign a filter to a security role and then assign users to that role. However, I've come to understand that Dataverse might require setting record ownership to implement RLS. I'm unsure if this is necessary, or if there's another way to achieve the level of access control I need without assigning record ownership.
Could someone with experience in setting up RLS in Dataverse, especially in a scenario involving SharePoint for file sharing, provide some guidance? How exactly does RLS work in Dataverse in comparison to Power BI? Is there a way to assign different access levels without linking them to record ownership, or is there a better approach to manage CRUD rights for an Excel file shared through SharePoint and controlled by Dataverse? If there isn't a better approach, how can someone bulk assign record owners or do it based on a condition, etc.? The idea is that if column X contains the user's name, then assign ownership to that user.
Any insights, tips, or resources you could share would be greatly appreciated. I feel quite lost in the process and would welcome any help to navigate this setup more effectively.
Thank you in advance.
Tables by default are either user owned or organization owned. User owned tables are basically owned by a ‘principal’, or essentially a single user or a ‘team’, which acts like a user but can have zero or many team members. Dataverse’s security model centers around user or team ownership, where you are allowed to do what the security role assigned to the person or team says you can do (CRUD operations).
So by default the user that creates the record is the owner of it. You can certainly create a Power Automate flow that reassigns ownership of a record based on certain selections after creation. This can suit your needs for row-level security if a group of users needs access: you reassign the record to the proper Dataverse team.
However, these permissions don’t carry over to SharePoint integrated document libraries. You must replicate any Dataverse team and user accesses to the document library with users and groups.
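The conditional owner assignment asked about above ("if column X contains the user's name, assign ownership to that user"), as an added example that is not code from either poster. It builds Dataverse Web API `PATCH` requests rather than the Power Automate flow the answer mentions and sends nothing; the table `new_projectrows`, the columns `new_projectrowid` and `new_assignedto`, and all GUIDs are hypothetical, constructed values.

```python
API = "/api/data/v9.2"  # Dataverse Web API path prefix

def build_directory(users):
    """Map lower-cased full name -> list of systemuserid values."""
    directory = {}
    for u in users:
        directory.setdefault(u["fullname"].strip().lower(), []).append(u["systemuserid"])
    return directory

def plan_reassignment(rows, users, entity_set, id_field, name_column):
    """Return (requests, skipped). A row is planned only when the name in
    name_column matches exactly one user; unmatched or ambiguous names are
    skipped for manual review so ownership never lands on the wrong person."""
    directory = build_directory(users)
    requests, skipped = [], []
    for row in rows:
        name = (row.get(name_column) or "").strip().lower()
        matches = directory.get(name, [])
        if len(matches) != 1:
            reason = "no matching user" if not matches else "ambiguous name"
            skipped.append((row[id_field], reason))
            continue
        requests.append({
            "method": "PATCH",
            "url": f"{API}/{entity_set}({row[id_field]})",
            # Ownership is changed by binding the ownerid lookup to a
            # systemuser record (a team would use /teams(<id>) instead).
            "body": {"ownerid@odata.bind": f"/systemusers({matches[0]})"},
        })
    return requests, skipped

# Constructed sample data: names, table, columns and GUIDs are hypothetical.
USERS = [
    {"fullname": "Ana Ruiz", "systemuserid": "00000000-0000-0000-0000-0000000000a1"},
    {"fullname": "Ben Cole", "systemuserid": "00000000-0000-0000-0000-0000000000b1"},
    {"fullname": "Ben Cole", "systemuserid": "00000000-0000-0000-0000-0000000000b2"},
]
ROWS = [
    {"new_projectrowid": "00000000-0000-0000-0000-000000000001", "new_assignedto": "Ana Ruiz"},
    {"new_projectrowid": "00000000-0000-0000-0000-000000000002", "new_assignedto": "ben cole"},
    {"new_projectrowid": "00000000-0000-0000-0000-000000000003", "new_assignedto": "Zed Unknown"},
    {"new_projectrowid": "00000000-0000-0000-0000-000000000004", "new_assignedto": ""},
]

if __name__ == "__main__":
    planned, skipped = plan_reassignment(
        ROWS, USERS, "new_projectrows", "new_projectrowid", "new_assignedto")
    for req in planned:
        print(req["method"], req["url"], req["body"])
    for row_id, reason in skipped:
        print("SKIPPED", row_id, reason)
```

Matching on display name is fragile; where the sheet can carry an email address or user ID instead, key the directory on that.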