You’re offline. This is a read only version of the page.
28
Hello everyone,
we came across a bigger problem with Model Driven App permissions and I hope you can help us!
We have one main environment in our company for all our Citizen Developers to develop their Canvas Apps and Flows. Therefore, they all have the Environment Maker security role.
Some makers are starting to create Model Driven Apps and we came across the issue, that every Environment Maker can see and edit all Model Driven Apps in an environment (like delete screens or edit app structure), no matter if they are owners or the app is shared with them or not.
We tried to edit and/or clone the Environment Maker role, but that did not work out.
Did you come across the same issue, or have you found a way to restrict Environment Makers from editing all Model Driven Apps in an environment?
Thanks in advance for your help!
Hi, tried that already. Unfortunately then makers are no longer able to create canvas apps and flows. Apparently there is a special setting for the environment maker role which cannot be copied to another role. At least I didn't find the way to set up a copied role so that users would be able to create apps and flows.
Yes, that is possible. You can clone the Environment Maker role and remove the privileges for Model-driven app and keep the privileges for Canvas App so that they can still create canvas apps.
thanks for your response! I understand your point, it would be helpful to change this behaviour at least in a way that environment makers are not able to create / edit model-driven apps, especially because it has an organisation-wide effect. However, as I understood there is no way to change the settings of the environment maker role.
Do you know if there is any possibility to achieve this? So that users would be allowed to create canvas apps and flows, but not model-driven apps at all.
Thanks!
Model-driven apps are organisation-owned tables and there is no Owner column. Because of that, you cannot set the User level Read/Write privilege in the security role to restrict in a way that only the owner can view and edit their own model-driven apps.
Technically, the Citizen Developers should develop their Canvas Apps and Flows on their own developer environment and the System Administrators, System Customisers or the advanced makers with the Environment Maker role should deploy those apps/flows to the main environment.
#1
Michael E. Gernaey
9
Super User 2025 Season 1
#2
bscarlavai33
5
Super User 2025 Season 1
#3
getsplash
2
Share
Report
All responses (
Answers (
