Unanswered

Ability to delete Account attachment

(0) Share

Report

Posted on by psreek

309

In our current process that we wish to automate, anonymous users use a multistep form to create an Account record, add account attachments in the notes table and also creates contact record associated to the account. Once this is created, internal users evaluate and approve contact records. This would then create a login in the Azure B2C directory and would send an email to the user with the password. User can then log in to the portal and further update the account records including deleting attachment and uploading new ones.

Now we noticed that the initially uploaded documents are uploaded as system user and for some reason the end user does not have the ability to delete the records as shown in the screenshot (first two items). On the other hand if the user is already signed in and uploads another document, the user can then delete that document as seen on the third item in the screenshot.

Please let us know how we can allow signed in users to delete attachments of Account that they are associated with. The table permissions that we have used are as follows -

Categories:

General

All responses (4)

Answers (0)

psreek 309 on at

Like (0)

Report

Re: Ability to delete Account attachment

And the fix to change ownership seems to be to update the "Title" column on the notes record. Using Power Automate, we can update the Title from -

Note created on 7/12/2023 9:44:15 AM UTC

to -

Note created on 7/17/2023 2:03:51 PM UTC by Contact Full Name [contact:0a1f55aa-8921-ee11-a81c-6045bd00b174]

after replacing the Contact Full Name and contact unique id with the value from the primary contact on the account record.

After making the change to the title, the portal now shows the delete option on the record. Very interesting that security is based on the structure and value on the title column.
psreek 309 on at

Like (0)

Report

Re: Ability to delete Account attachment

Another interesting finding. I uploaded two files as a logged in user from the Power Pages portal as seen in the screenshot -

This shows the Delete option on the portal. But, in dataverse, the only indication of the portal user is on the Title of the record. The Owner, Created By and Modified By are all populated with "SYSTEM".
psreek 309 on at

Like (0)

Report

Re: Ability to delete Account attachment

@Lucas001 - Before going the power automate route, I thought I would check if I could change the owner on any of the note record. I am a system administrator in the environment but the Owner field is read-only as seen in the form below for all records i.e. where the current owner is SYSTEM as well as records where my own login is the owner. This is unlike the Account record where I can change the owner.

So, if the dataverse form (and also the grid view in edit mode) is not allowing the change of ownership, I get a feeling that Power Automate would not allow us to change the owner either. I will next check power automate to test this hypothesis.
Lucas001 2,174 Super User 2025 Season 1 on at

Like (0)

Report

Re: Ability to delete Account attachment

Hi @prathyoo,

when an anonymous user is creating anything or interacts with dataverse, it's always the systemuser creating the record. However what you want is to change the owner of the related record and I hope that this is possible with the information you get from your form.

Your form probably has the ability to connect the owner to the created records. If so you can use power automate to reassign the owner of that record user update a row:

After that your user should be able to delete the attachements etc. as those records now belong to him/herself.

Hope that helps.
Please mark the post as solution, if it solves your problem. If it helps please consider a thumbs up.