Microsoft Dynamics CRM (Archived)

Form read only is overwritten by business rule?

(0) Share

Report

Posted on by rskadk1

880

Hi,

I have a problem. I have set up a group of users to only have read access to an entity by a security role.

Further more I have another group that have both read and write access to the same entity with another security role.

On the entity I have a business rule (form level), that locks/unlocks field based a a field value.

My problem now is that the business rule bypasses the security roles and now the filds defined in the business rule is unlocked for the users that only have read access to the entity?

How to overcome this, so the fields is not unlocked? In my world the security roles should be top level of security, not a business role?

*This post is locked for comments

All responses (10)

Answers (0)

Aric Levin 30,188 on at

Like (0)

Report

RE: Form read only is overwritten by business rule?

Missed that. Thanks Alex.
ashlega 34,477 on at

Like (1)

Report

RE: Form read only is overwritten by business rule?

I think it's an overkill to query the roles(although, that's the ultimate solution for this kind of scripts).. if the user does not have those roles, the form is, already, readonly, so it's sufficient to simply check the form type.
Suggested answer

Aric Levin 30,188 on at

Like (0)

Report

RE: Form read only is overwritten by business rule?

Like mentioned above, you should remove the logic from the Business Rules, as they will unlock the fields.

What you can do is have your form load in JavaScript check the security role of the logged in user. If the user falls under the read-write security role, enable the fields that you want enabled.

You can use Xrm.Page.context.getUserRoles, and use webapi (or rest calls) to check if the user exist in those roles. Based on that, make the above required changes.

Below are the function that you can achieve this with:

function onLoad() {

var formType = Xrm.Page.ui.getFormType();

var roleName = 'ReadWriteRoleName';

var options = "$select=*&$filter=Name eq '" + roleName + "'";

SDK.REST.retrieveMultipleRecords("Role", options, retrieveRolesCallback, function (error) { alert(error.message); }, retrieveRolesComplete);

}

function retrieveRolesCallback(retrievedRoles)

{

var isUserInRole = false;

for (var i = 0; i < retrievedRoles.length; i++) {

var row = {};

var role = retrievedRoles[i];

var roleId = role["RoleId"];

var userInRole = checkUserInRole(roleId)

if (userInRole)

{

isUserInRole = true;

break;

}

}

if (isUserInRole)

enableFields();

}

function retrieveRolesComplete()

{

}

function checkUserInRole(roleId)

{

var isUserInRole = false;

var userRoles = Xrm.Page.context.getUserRoles();

for (var i = 0; i < userRoles.length; i++)

{

if (userRoles[i] == roleId)

{

isUserInRole = true;

break;

}

}

return isUserInRole;

}
Suggested answer

ashlega 34,477 on at

Like (0)

Report

RE: Form read only is overwritten by business rule?

It seems to be a bug, and it still works like that in 365 (v9). Business rules will unlock the field (even though security roles will not allow users to actually save the changes)

Looks like the only way to handle this correctly would be to remove those lock/unlock actions from the business rules and to use javascript instead - something like this:

function unlockReadOnly()

{

if(Xrm.Page.ui.getFormType() == 1 || Xrm.Page.ui.getFormType() == 2)

{

Xrm.Page.getControl("customertypecode").setDisabled(false);

}

}
Mihir Maruti Kadam 702 on at

Like (0)

Report

RE: Form read only is overwritten by business rule?

The user can see options in the picklist (Read-only form). This is standard functionality.
Suggested answer

Mihir Maruti Kadam 702 on at

Like (0)

Report

RE: Form read only is overwritten by business rule?

Hi Jagannath,

CRM will not allow any user to update any data even if the field is unlocked.
rskadk1 880 on at

Like (0)

Report

RE: Form read only is overwritten by business rule?

Hi Mihir,

I haven't tested if the user are able to save the record. But normally read only the user cannot select an option in the dropdown. But when the business rule is enabled he can select the options in the dropdown..
rskadk1 880 on at

Like (0)

Report

RE: Form read only is overwritten by business rule?

Hi, Jagannah,

I changed it to entity and published - but it didn't change anything. The field will still be unlocked from the user that have read only access..
Suggested answer

Mihir Maruti Kadam 702 on at

Like (0)

Report

RE: Form read only is overwritten by business rule?

The user will not be able to edit any data since the form is read-only(Security role). This is standard CRM behaviour.
Suggested answer

Jagannath 545 on at

Like (0)

Report

RE: Form read only is overwritten by business rule?

just change the scope of the business rule to "Entity".

Thanks,

Jagannath

Community site session details

Form read only is overwritten by business rule?

Helpful resources

Quick Links

Announcing Our 2025 Season 1 Super Users!

Vahid Ghafarpour – Community Spotlight

Tip: Become a User Group leader!

Leaderboard

Featured topics

Product updates

Community site session details

Form read only is overwritten by business rule?

Helpful resources

Quick Links

Announcing Our 2025 Season 1 Super Users!

Vahid Ghafarpour – Community Spotlight

Tip: Become a User Group leader!

Subscribe to this forum!

Select categories

Leaderboard

Featured topics

Product updates