Question Status

Verified
MBrown1185 asked a question on 15 Apr 2013 11:33 PM

Hi All,

I am currently working on assignment of granting access rights to our users. Some typical requirements are to provide read-only access to whole system, etc.

I was wondering if there is some way to filter menu items by their properties and add to an existing / new privilege by any means.

I tried security development tool, but, it does not show values for properties when no Role / Duty / Privilege is selected.

Has anyone worked on similar requirements earlier? Any help would be greatly appreciated.

Best Regards,

Michael Brown

Reply
Verified Answer
André Arnaud de Calavon responded on 16 Apr 2013 10:47 AM

I suppose we have to hope for more features on the Security Development Tool, or security in broader areas. When adding a duty or privilege it is not always clear what license type the Role will end up.

You can access menu items by using x++ code. So a customization on this point seems to be neccessary.

kind regards,

André Arnaud de Calavon  |  Microsoft Dynamics AX Solution architect  |  My blog  |  My company

This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.

Reply
André Arnaud de Calavon responded on 16 Apr 2013 5:27 AM

Hi Michael,

We created a new role and added all duties/(privileges for finetuning) with the word 'View' or 'Inquire'.

If you create a project in your AOT, you can use the Project Filter to have these privileges and duties grouped in the project. Element types to use is SecurityDuty and SecurityPrivilege. Filter on name: '*view*,*inquire*''

First start with the duties. Privileges are for finetuning if the duty gives too much access.

From the project you can select e.g. all the duties and drag/drop in into a new role.

'View' means all forms with read-only access.

'Inquire' means the reports.

kind regards,

André Arnaud de Calavon  |  Microsoft Dynamics AX Solution architect  |  My blog  |  My company

This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.

Reply
MBrown1185 responded on 16 Apr 2013 6:41 AM

Hi André,

Thanks for replying. I tried this approach, but, it doesn't work in all scenarios.

E.g. An important requirement is to separate out all menu items which belong to a particular license type [Enterprise / Functional / Task / etc]. Based on that we can determine, to what extent we can provide access for a license type.

I tried searching for Table which holds Menu Items and its properties, but, didn't find anything usable so far.

Best Regards,

Michael Brown

Reply
Verified Answer
André Arnaud de Calavon responded on 16 Apr 2013 10:47 AM

I suppose we have to hope for more features on the Security Development Tool, or security in broader areas. When adding a duty or privilege it is not always clear what license type the Role will end up.

You can access menu items by using x++ code. So a customization on this point seems to be neccessary.

kind regards,

André Arnaud de Calavon  |  Microsoft Dynamics AX Solution architect  |  My blog  |  My company

This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.

Reply
Adele Bjorklund responded on 17 Apr 2013 6:28 AM

If you are using the security development tool and you load the additional metadata, it will tell you what type of user license is required for each entry point. If you have a role selected, it will also tell you what the current user license type is required for that role based on the duties and privileges that are in it.

Reply
MBrown1185 responded on 23 Apr 2013 11:28 AM

Hi André,

You are right. It seems that a customization is required. Thanks for your time.

Best Regards,

Michael Brown

Reply