Total Pageviews

26 Jul 2018

Migrate MS Flow and PowerApps to a different Office 365 tenant. SharePoint Data Sources

Have you ever tried moving PowerApps or MS Flow from one Office 365 tenant to another? If you have SharePoint as a data source - then the only official way is to remove all such data sources and add them back. This PowerShell script will help you to automatically convert exported App packages to be compatible with the new tenant. This way you won't have to recreate SharePoint data sources.

Here is the script that will help you with this ordeal: https://github.com/Zerg00s/FlowPowerAppsMigrator




19 Jul 2018

Can PowerApps and MS Flow run with elevated privileges?

No, MS Flow and PowerApps are using current user's account.

Setup #1:
- User "Admin" creates a PowerApp that uses SharePoint List as a datasource
- User "Reader" gets Edit access to this app via Sharing, but this user has no permissions to the SharePoint list whatsoever.

What will happen?

Results:
- The "Reader" can open the PowerApp, but as soon as they try to create a new list item - they get an error:
There was a problem saving your change. The data source may be invalid.



Conclusion:
PowerApps use current user's permissions and don't have "run with elevated privileges" functionality.


Setup #2
- User "Admin" creates a PowerApp that uses SharePoint List as a data source
- User "Admin" creates a PowerApp button that runs an MS Flow that creates a list item in the SharePoint List
- User "Reader" gets Edit access to this app via Sharing, but this user has no permissions to the

Results:
- The "Reader" can open the PowerApp, but when they click on the button to run the flow that attempts to create a list item - nothing happens. In the MS flow history we see the 403 (Access denied) error:

System.UnauthorizedAccessException



Conclusion:
MS Flow that are run manually via a button in PowerApps use current user's permissions and don't have "run with elevated privileges" functionality.

P.S. MS Flows that are triggered on List Item Created / Updated are run using the credentials provided by the Flow author. So, depending on how the Flow was started - different credentials are used.




18 Jul 2018

SharePoint 2016 Restore User that was deleted from User Information List

There could be a scenario when the user was deleted both in AD and the User Information List and we need to restore it. That could be necessary when there was a custom solution developed that relies on the user accounts to exist in SharePoint. Needless to say these solutions were developed incorrectly, but who am I to judge.

For these rare cases, here is the way that to restore the deleted user. This worked for me in SharePoint 2016, but it might also work in 2013 and 2019.

Disclaimer: Any direct modifications to the SharePoint SQL databases are not supported by Microsoft. Restore the user by following approach only if you know for sure what you are doing.

1. First of all - determine an ID of the deleted user:


2. In SQL Management Studio - find your content database and navigate to the UserInfo table. Verify that deleted user is still listed in the table. Notice that tp_Deleted will equal to the user ID and tp_IsActive will be equal to 0:


3. Modify a row where tp_id is equal to the user's ID:
 a) set tp_Deleted to 0
 b) set tp_IsActive to True
 c) Save changes to the row


4. For the appropriate content database, run the following command to find deleted user in the  AllUserData table:
  
  SELECT * FROM [WSS_Content].[dbo].[AllUserData] 
  Where bit3 = 1 and tp_ID = User_ID

Make sure this command returned a single row. If there was a single row - proceed to restoring the user:

5. To restore the user, we need to change bit3 column's value from 1 to 0 :
 
 
 UPDATE [WSS_Content].[dbo].[AllUserData] 
 SET bit3 = 0 
 Where bit3 = 1 and tp_ID = User_ID


Done! Now go ahead and click on the deleted user. Verify that there is no error.