3 Ways To Filter A Power Apps Gallery By The Current User
Want to filter a Power Apps gallery by the current user? There are many ways to do it. The easiest way is to get the current user’s email and use a filter function to show only matching records in the gallery. A more secure way is to set item-level permissions by building a Power Automate flow or changing permissions in the list settings itself. In this article I will show you 3 ways to filter a Power Apps gallery by the current user so you can decide which is best for you.
Table Of Contents: Introduction: The Performance Reviews App Setup The Performance Reviews SharePoint List Option #1: Filter Gallery By Current User With The User Function • Get The Current App User's Email Address Option #2: Use Power Automate To Set SharePoint List Item Permissions • Build A Power Automate Flow Update List Item Permissions • View The Secured SharePoint List As The Current User Option #3: Change Item-Level Permissions in SharePoint List Settings • Grant The User Who Created The SharePoint List Item Edit & Read Access • View The Filtered SharePoint List As The Current User
Introduction: The Performance Reviews App
The Performance Reviews app is used by employees at a construction company to view their annual performance reviews. Employees can only see their own performance reviews. Other employees reviews should not appear in the app because performance reviews are confidential.
Setup The Performance Reviews SharePoint List
The Performance Reviews app is connected to a SharePoint list also called Performance Reviews with the following columns & data:
- Employee (Person)
- ReviewDate (Date Only)
- Score (Number)
- Manager (Person)
|David Johnson||1/21/2022||4||Matthew Devaney|
|Mary Baker||1/19/2022||5||Matthew Devaney|
|Sarah Green||1/12/2022||3||Matthew Devaney|
|David Johnson||1/19/2021||3||Matthew Devaney|
|Mary Baker||1/10/2021||4||Matthew Devaney|
|Sarah Green||1/9/2021||3||Matthew Devaney|
|Mary Baker||1/15/2020||4||Matthew Devaney|
|David Johnson||1/3/2020||2||Matthew Devaney|
Option #1: Filter Gallery By Current User With The User Function
The simplest way to filter a Power Apps gallery by the current user is to obtain their email address using the User function to an email address found in a person type column of a SharePoint list and see if it matches. When both email addresses match the SharePoint list item will be included in the gallery and when they do not match the list item will be excluded from the gallery. This is the easiest option to filter a gallery by the current user but it has one drawback. If the user navigates to the SharePoint list they will be able to see the SharePoint list items for all users. Therefore, it should not be considered adequate security for sensitive information
Get The Current App User’s Email Address
Open Power Apps Studio and create a new app that looks like the one shown below. Add the Performance Reviews SharePoint list as a datasource and then create a gallery to display the list items.
Write this code in the OnStart property of the app. The User function retrieves the current logged in user’s email and this value gets stored in the variable varUserEmail.
To execute the code in OnStart for testing purposes, click on the three dots beside App and select Run OnStart. varUserEmail and varIsProjectManager are now updated with values.
Now we will filter the gallery by checking to see if the Employee’s email in each SharePoint list item equals varUserEmail.
Write this code in the the Items property of the gallery. Only SharePoint list items for the current user will shown.
Filter('Performance Reviews', Employee.Email=varUserEmail)
Option #2: Use Power Automate To Set SharePoint List Item Permissions
Another way to only show records for the current user is to build a Power Automate flow that triggers when a SharePoint list item is created or modified. Then it sets the the item permissions to only allow the person in the Employee column to edit or view the item. The SharePoint list can be shared with many users but they will only see items they have permissions for. True confidentiality and privacy are achieved. The drawbacks are it consumes a flow run each time a record is created or modified and there is no place to globally manage access to records via a security role because permissions are maintained with the list item itself.
Build A Power Automate Flow To Change Item Permissions When An Item Is Created
Open Power Automate and create a new automated flow. Name the flow Set Performance Review Permissions and choose the SharePoint flow trigger When an item is created or modified.
In the flow trigger, select the SharePoint Site Address and List Name – Performance Reviews.
When a record is modified we only want to update the SharePoint list item permissions if the employee field was changed. Add the flow action Get Changes For An Item Or File (Properties Only) to check this. Set the ID field with the trigger ID. Populate the Since field with the Trigger Window Start Token and the Until field with the Trigger Window End Token.
Next, use a Condition step to check if a new record was created or the employee field was changed. If the employee field was modified the property Has Column Changed: Employee from the previous flow action will be equal to true.
When a SharePoint list item is created it inherits the permissions of its SharePoint list. We want to break inheritance because it gives all SharePoint list users access to the item. Instead, we only want the employee who owns the record to have access. To break inheritance we use the SharePoint action Stop sharing an item or a file.
Finally, we add a flow action to Grant Access To An Item Or A Folder, assign the flow trigger’s item ID, include the Employee Email as the recipient and select the role can edit. The recipient is the user who will access the list item.
After creating the flow we must delete all items in the Performance Reviews list and then add them back to the list. This will give the flow an opportunity to set item permissions on the newly created list items. The completed flow should look like this.
View The Secured SharePoint List As The Current User
Login to the app as a user who is not the SharePoint site administrator and browse to the SharePoint list. We will only see the SharePoint list items belonging to that user. If you still see all of the list items there are two reasons why this might be occurring: you are logged in as the site administrator who can see all records regardless or permissions or the records were created before the flow was turned on so the permissions have not been set.
In Power Apps Studio, open the Performance Review app and change the Items property of the gallery to this code.
The gallery will only show records for the current user even though it is not filtered.
Option 3: Change Item-Level Permissions in SharePoint List Settings
The final option to only show records for the current user is to change the SharePoint list settings to grant edit and read permissions for the user who created the list item. Once again, the same list can be shared with many different users but the current user will only see their own records. This option has the advantage of being easy to setup and it does not consume any flow runs unlike Option 2. The downside is the user must always create their own records and permissions can never be changed to another employee because they are based on the Created By field.
Grant A User Who Created The SharePoint List Item Edit & Read Access
As the SharePoint site administrator, open the Performance Reviews list and select List settings.
Go to Advanced Settings.
Browse to Item-level Permissions and change read access to read items that were created by the user and update Create and Edit access to Create items and edit items that were created by the user. Save the settings and close the SharePoint list. That’s all we must do to set it up.
View The Filtered SharePoint List As The Current User
As the user who is not the site administrator open the Performance Reviews SharePoint list. Now we can only see the records that we created. All other records are hidden and cannot be accessed.
In Power Apps studio the gallery will only show records for the current user even though it is unfiltered.
Did You Enjoy This Article? 😺
Subscribe to get new Power Apps articles sent to your inbox each week for FREE
If you have any questions about 3 Ways To Filter A Power Apps Gallery By The Current User please leave a message in the comments section below. You can post using your email address and are not required to create an account to join the discussion.