Allow Users Without Delete Privilege on Activity to End Recurring Appointment Series or Convert Single Appointment to Recurring One
This post will explain how you can implement a plug-in that will allow the normal users without prvDeleteActivity (Delete privilege for the Activity table) to
- end a recurring appointment series, update recurrence information, or
- convert an existing appointment to a recurring appointment.
In most of the Dynamics 365/Power Apps + Dataverse implementations, it is a common practice not to give the Delete privilege to the normal user security role to prevent users from accidentally deleting data. Leaving the Delete privilege empty for all tables works fine for most of the actions, but some out-of-the-box actions require the Delete privilege to be successfully performed.
Problem Statement
If the user wants to end a recurring appointment series before the original end date specified during the creation of the series, the user can click on the "End Series" button on the recurring appointment form. That action will call the DeleteOpenInstancesRequest which deletes all the “open” and “scheduled” future instances of the specified series from the date specified in the series end date. If the user does not have the prvDeleteActivity, the user will get the following Insufficient Permissions error.
You do not have {0} permission to access {1} records. Contact your Microsoft Dynamics 365 administrator for help.
Solution
In order to let the user perform those actions without giving prvDeleteActivity in the user's security role, you can implement a plug-in to delete the Appointments with an elevated user account or temporarily assign a security role with prvDeleteActivity while performing the action.
Solution for Ending a Recurring Appointment Series
The solution for this scenario is simple. The plug-in just needs to retrieve the appointments with the same SeriesId which are starting on or after the SeriesEndDate parameter and delete those appointments with SYSTEM user before the system does. If there is no future appointment after SeriesEndDate, the system will not try to delete in the current user's context and it will not show any error due to the lack of prvDeleteActivity privilege.
The plug-in will only run for RecurringAppointmentMaster table and the DeleteOpenInstances message. Since the future appointments need to be deleted before the actual operation, the plug-in will be registered in the Pre-operation (stage 20). Two main important parameters are the GUID of the target recurring appointment and the series end date parameter entered by the user.
Solution for Updating Recurrence Information of the Recurring Appointment
Solution for Ending a Recurring Appointment Series
The requested record was not found or you do not have sufficient permissions to view it.
Summary
This was originally posted here.
*This post is locked for comments