Show/Hide Views based on User Security Role
Spring Wave 2016
325
Like
Share
ReportThere is no out of the box way to hide views for users having specific roles. Some ways are there which you can see from links given in references at the end of this article. Mainly are; register a plugin on entity “savedquery” and there is a tool at codeplex which you can use with CRM 2013. I am not sure if this is available for CRM 2016 and Dynamics 365 or not. Alternatively, you can also create a Private view and Share it with the Team of the Business Unit. This will give access to all the users that are members of that team access to the view.
In this article I will show you plugin way to do the same in Dynamics CRM 2015, 2016 and Dynamics 365. The plugin will hide views based on user roles. We can achieve this by registering a plugin on entity “savedquery” on message “RetrieveMultiple”.
We are hiding a view named “Authorized Contact” for users with role “System Administrator”.
So, here is complete plugin code.
using System;
using System.Linq;
using Microsoft.Xrm.Sdk;
using Microsoft.Xrm.Sdk.Query;
namespace FilterViewsByRole
{
public class FilterViews : IPlugin
{
public void Execute(IServiceProvider serviceProvider)
{
IPluginExecutionContext context = (IPluginExecutionContext)serviceProvider.GetService(typeof(IPluginExecutionContext));
IOrganizationServiceFactory serviceFactory = (IOrganizationServiceFactory)serviceProvider.GetService(typeof(IOrganizationServiceFactory));
//IOrganizationService crmService = serviceFactory.CreateOrganizationService(context.UserId);
IOrganizationService crmService = serviceFactory.CreateOrganizationService(null);
try
{
if (context.InputParameters.Contains("Query") && context.InputParameters["Query"] is QueryExpression)
{
QueryExpression qe = (QueryExpression)context.InputParameters["Query"];
if (qe.EntityName == "savedquery")
{
if (qe.Criteria != null)
{
if (qe.Criteria.Conditions != null)
{
string roleName = "System Administrator";
bool userRoleFound = VerifyIfUserHasRole(roleName, context.UserId, crmService);
if(userRoleFound)
{
ConditionExpression queryCondition = new ConditionExpression("name", ConditionOperator.NotEqual, "Authorized Contact");
qe.Criteria.Conditions.Add(queryCondition);
}
}
}
}
}
}
catch (InvalidPluginExecutionException ex)
{
throw ex;
}
}
public bool VerifyIfUserHasRole(string roleName, Guid userId, IOrganizationService crmService)
{
bool userRoleFound = false;
string fetchXmlString = @"<fetch version='1.0' output-format='xml-platform' mapping='logical' distinct='true'>
<entity name='role'>
<attribute name='name' />
<attribute name='roleid' />
<link-entity name='systemuserroles' from='roleid' to='roleid' visible='false' intersect='true'>
<link-entity name='systemuser' from='systemuserid' to='systemuserid' alias='ab'>
<filter type='and'>
<condition attribute='systemuserid' operator='eq' value='" + userId + @"' />
</filter>
</link-entity>
</link-entity>
</entity>
</fetch>";
EntityCollection entColl = crmService.RetrieveMultiple(new FetchExpression(fetchXmlString));
if (entColl != null && entColl.Entities != null && entColl.Entities.Count > 0)
{
int count = entColl.Entities.Select(x => x.GetAttributeValue<string>("name")).Where(y => y.ToString().ToUpper().Trim() == roleName.ToUpper()).Count();
userRoleFound = count > 0;
}
return userRoleFound;
}
}
}
Register Plugin Step like this
Before running plugin, there was a view named “Authorized Contact”.
After we registered plugin, the view disappeared for user with role “System Administrator”.
References
http://alagunellaikumar.blogspot.in/2015/11/hide-view-in-crm.html
http://www.powerobjects.com/2014/10/21/assigning-system-views-based-security-roles-dynamics-crm/
http://ms-crm-2011-beta.blogspot.co.uk/2012/09/how-to-hide-some-systemcuctom-views-ms.html
This was originally posted here.
*This post is locked for comments