Security role user selection feature in workflows in D365F&O

Hi all, 

So today we got a new requirement where the approvals in the organization-wide workflow types in D365F&O will approve/reject only the records that belong to the same legal entity.

The approval assignment is based on the security role assignment.

After reviewing the code of the out of the box security role workflow provider class: WorkflowRoleParticipantProvider

I found this baby that saved a lot of work

NoYes validateExplicitUserAssignmentToLegalEntities = WorkflowParameters::find().RequireExplicitUserAssignmentToLegalEntities;

This line of code actually saved my life. So if the boolean variable validateExplicitUserAssignmentToLegalEntities is true, then it gets all the users that are assigned to the specific security role within the same legal entity. 

Changing the boolean value is really simple, you only need to go to Workflow Parameters form under Organization Administration and check the 

Require explicitly assigned users field. 

This is the result you get when you change the workflow parameters for the two legal entities. 

In the end, I was able to change the organization assignment of the approval security role.

Now we have an organization-wide workflow type that is common to all the legal entities. But some approvals should approve only the records that are within the same organization.

I hope this helps.

Regards,

M