SETTING THE CORRECT PERMISSIONS FOR SHAREPOINT LISTS WITH POWERAPPS INTEGRATION
I said I saved the best one for last, but you feel that this is not a hot tip but something boring instead. Well, this is essentialbecause it is something you might want to do every time when you build a SharePoint form using PowerApps. In a modern team site, out-of-the-box, every person is either owner or member. If it is a public team site, then everyone in your organization will be a member. The problem is, members have Edit permission. With Edit permission a member can add and modify lists, and basically build or modify existing PowerApps.
Usually you build PowerApps for business solutions using a specific business logic. You don’t want that every member of the site is able to override your business logic! So, what you need to do is to make a few modifications to the permissions at least at the list level, but you might just go a head and do it at the site level as well as instructed on the following steps.
STEP 1: CHANGE MEMBERS TO VISITORS AT SITE PERMISSIONS
First click the settings gearwheel icon on top right corner of the screen on your modern SharePoint site. Select Site permissions. You will see that Everyone except external users (if this is a public team site) as well as Site members groups have Edit permission and are listed under Site members. Change those permissions to Read, and after doing so, these groups are now listed under site visitors.
STEP 2: GRANTING CONTRIBUTE PERMISSION TO SITE VISITORS
Next, on every list or library on which you want these groups to contribute into, open the list settings and make the following modifications. Under Permissions and management click Permissions for this list. Click Stop inheriting permissions. Select Site visitor group and click Edit user permissions. Change the permission to contribute. Contribute permission gives users the ability to add and modify items without the permission to edit the list and the PowerApps form.
While at this, if your business case requires item level permissions, also click Advanced settings under General settings header on the list settings. This configuration view allows you to modify permissions even further. With the following settings, users can only see their own list items on the list, while owners can still see all list items from all users.