cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Developing web application using Power Apps, Power Automate with SharePoint compared to using .NET a

john john
Steel Contributor

‎Jul 19 2023 06:52 PM

‎Jul 19 2023 06:52 PM

Developing web application using Power Apps, Power Automate with SharePoint compared to using .NET a

I have been working on building web applications using those 2 approaches: -

 

1)     ASP.NET Core and SQL Server

2)     Power Apps, Power automate & SharePoint online.

 

Now when it comes to secure the backend data on the server side, those 2 approaches requires totally different approaches to implement based on my understanding.

For example, let say we have this high level business scenario:-

1)     User submits a fund request.

2)     His direct manager needs to approve/reject

3)     If the amount exceeds 50,000 the regional manager needs to also approve/reject

4)     Once the request have passed all the approval processes it will be read-only and can only be accessible by the submitter, manager and regional manager.

Now if I want to develop this using “ASP.NET Core and SQL Server” approach, I will create a single SQL table containing those fields:-

1)     ID

2)     Submitter email

3)     Fund amount

4)     Currency

5)     Description

6)     Direct Manager email

7)     Direct manager decision (Approve/Reject)

8)     Regional Manager email

9)     Regional manager decision (Approve/Reject)

Then inside my asp.net core code and HTML, I can control and show and hide the data according to the stage. So I can secure the application on the server-side that the submitter can not submit his direct manager decision, or the direct manager to approve the request on behave of the regional manager and so on. Also the interaction between the asp.net core application an the sql will be through a service account and not through the user identity.

While if we want to design this application using Power Apps, Power automate & SharePoint online, then we can not have one SharePoint list to store all the above info as SharePoint does not support field level permissions + power apps interact with SharePoint using the user identity. So if a user can submit his/her data, then they can technically approve the request on behave of their direct and regional manager, if not through power apps or the sharepoint list UI then they can use SharePoint api. So to implement this in asecure way, I would create atleat 4 SharePoint list, as follow:-

 

Form list

1)     FormID

2)     Submitter email

3)     Fund amount

4)     Currency

5)     Description

Direct Manager list

1)     Direct Manager email

2)     Direct manager decision (Approve/Reject)

3)     FormID

Regional manager list

1)     Regional Manager email

2)     Regional manager decision (Approve/Reject)

3)     FormID

Status list

1)     FormID

2)     Status

Then using power automate I can secure the list rows and define unique permissions. For example I will follow this approach: -

 

1)     Submitter submit a new form.

2)     Then upon submitting the form a power automate flow will do the following: -

·        define a unique permission on the submitted item so only the submitter and his managers can view it

·        create a new record inside the Direct Manager list and define a unique permission on it so only the direct manager can approve/reject (update the row)

·        create a new record inside the Regional Manager list and define a unique permission on it so only the regional manager can approve/reject (update the row)

·        the power automate flow should also check if the direct manager or the regional manager are changed and update the permissions accordingly.

·        also incase the request get rejected, then the submitter should have permission to edit the form and so on

now I found that using “SharePoint with Power Apps” will over complicate things if we need to secure the backend, compared to asp.net and sql.. any advice?

Now lot of our clients prefer to use SharePoint and power platform for those reasons: -

1)     It comes for free with the office 365 subscriptions

2)     They do not have to worry about updating the .net core to latest versions. For example from .net core 5 to .net core 7 when the current .net version reaches it end of life and stop receiving updates and security updates

3)     SharePoint provides many powerful built-in features like building intranets and document management system beside building custom solution similar to the one I gave in the above example.

4)     Power Apps has a mobile application, so any power app will work as a mobile application out of the box.

 

I really do not have a specific question but need ideas about these 2 approaches and how I am seeing/approaching them.

 

Regards

622 Views
0 Likes
0 Replies
Reply
0 Replies