Table permissions is a feature that allows you to control who can view, edit, or delete Dataverse records from a Power Pages site.
Power Pages allows to easily configure table permissions based on Contact or Account relationships directly, for example, a user can see all records where they are the Contact in the field configured in the table permission, or their Account is their account in the field configured.
However, sometimes you may need to display data from child accounts, which are accounts that are related to the parent account through the ‘Parent Account’ (parentaccountid) field relationship. For example, you may want to allow users associated with the Parent Account to see all records associated with the Child Accounts.
In this blog post, I will show you how to configure table permissions for Power Pages users who need to see records from child accounts.
Example data and table
Let’s use a simple scenario where we have the following accounts configured:
And the following records in a table named ‘Submissions‘.
Considering that we already have set up permissions for the parent account using the standard Access Type as Account Access as below:
A user that has the Account (Company Name field) set to ‘Contoso Global’ will see only the records from ‘Contoso Global’ if they open a Power Pages page that lists data from that table as below with the standard setup:
If we want to enable table permissions for child accounts, we need to follow these steps:
- Create table a permission that grants read access to the child account records
- Create a child table permission from this table permission, and configure it based on the relationship from the Accounts table to the related table (Submissions on this example)
- Assign the permission set to the Power Pages Web Role of the users who need to see records from the child accounts
Create a table permission record that grants access to the child account records
Add a new table permission of access type Account to the Accounts table based on the relationship account_parent_account, and assign it to the Web Role you want to grant access to.
For simplicity on this post, I am using the ‘Authenticated Users’ Web Role so any logged-in user would get the same type of access.
Add a child table permission record to this newly created table permission based on the account relationship you want to grant access (in this case, pnp_submission_Account_account as below):
This table permission will inherit the Web Role assignment from the parent.
The final permissions setup will be the following:
Results
Now, after enabling this new table permission, the same user that previously could see from Power Pages the records from ‘Contoso Global’, can see all records from the child accounts:
Conclusion
By following these steps, you can enable table permissions for Power Pages users who need to see records from child accounts. This will allow you to display data from any related child account in Power Pages.
References
Configuring table permissions – Microsoft Learn