I am currently working on assignment of granting access rights to our users. Some typical requirements are to provide read-only access to whole system, etc.
I was wondering if there is some way to filter menu items by their properties and add to an existing / new privilege by any means.
I tried security development tool, but, it does not show values for properties when no Role / Duty / Privilege is selected.
Has anyone worked on similar requirements earlier? Any help would be greatly appreciated.
We created a new role and added all duties/(privileges for finetuning) with the word 'View' or 'Inquire'.
If you create a project in your AOT, you can use the Project Filter to have these privileges and duties grouped in the project. Element types to use is SecurityDuty and SecurityPrivilege. Filter on name: '*view*,*inquire*''
First start with the duties. Privileges are for finetuning if the duty gives too much access.
From the project you can select e.g. all the duties and drag/drop in into a new role.
'View' means all forms with read-only access.
'Inquire' means the reports.
André Arnaud de Calavon | Microsoft Dynamics AX Solution architect | My blog | My company
This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.
Thanks for replying. I tried this approach, but, it doesn't work in all scenarios.
E.g. An important requirement is to separate out all menu items which belong to a particular license type [Enterprise / Functional / Task / etc]. Based on that we can determine, to what extent we can provide access for a license type.
I tried searching for Table which holds Menu Items and its properties, but, didn't find anything usable so far.
I suppose we have to hope for more features on the Security Development Tool, or security in broader areas. When adding a duty or privilege it is not always clear what license type the Role will end up.
You can access menu items by using x++ code. So a customization on this point seems to be neccessary.
If you are using the security development tool and you load the additional metadata, it will tell you what type of user license is required for each entry point. If you have a role selected, it will also tell you what the current user license type is required for that role based on the duties and privileges that are in it.
You are right. It seems that a customization is required. Thanks for your time.