11-14-2020 11:41 PM
11-14-2020 11:41 PM
I have a question regarding permissions in sharepoint. I have a following scenario:
Lets say I have 10 rows in my list, all of them was added by user A. I would like to user B only sees a few of these rows and the same for user C, but for different rows. I have searched many ways to do it but none of seems to work. If there is no way achieve this in sharepoint can I do it for example using Powerapps or some different M365 tool?
11-16-2020 01:40 PM
You're talking about item-level permissions. DANGER! Here there be dragons! And this way lies madness. BE VERY CAREFUL. This is to be avoided at all costs because it is a true nightmare to manage. Personally, I don't. I refuse to do item level permissions. Here's the process I would go through.
I would confirm that this is a SECURITY issue - as in some BAD thing will happen if person B sees the rows belonging to C, not simply a case of "It's not relevant and I don't want them to". I would make my stakeholders NAME THE BAD CONSEQUENCE - and note that person B being a malicious user who intentionally does something unethical or illegal doesn't count as a reason. We're going to trust our colleagues to be good people. :)
My guess is that they won't have anything. So now you can go about making views or whatever to make it DIFFICULT for B to see any of C's rows which is different from security that PREVENTS it. You can use a button on a SharePoint page leading to a defined view in or a power app filtered on the person's ID or whatever else you like.
If it truly IS security, confirm that the items MUST be in the same list. If no, create separate identical lists for B & C and set security on each list. Person A can still access both lists to add the items.
If they HAVE to be in the same list, you could have B & C enter their OWN lines and set security so users see only items they have created.
As an ABSOLUTE NIGHTMARE LAST RESORT of one list where B & C CANNOT see other rows AND cannot enter their own data, then you'll need to decide how to do it. Manual is easy - share line items with each person without granting them access to the entire list. Theoretically, you should be able to set up a something in power automate where each person is granted access to an item based on a value in a field or something like that.
But I'm telling you it's not a good idea. Just imagine once you get 100 or 1,000 rows. How do you know who has access to what? How will you troubleshoot problems when a user calls asking why they can't see an item? This is not what a SharePoint list is built for....
11-18-2020 10:26 AM
So as you described it is really not a good idea is there a more efficently way how to achieve that? To maximaly simplify my question is there any reasonible way how to achieve row 1 only for group 1 and row 2 only for group 2? Power Apps, flow whatever..