Skip to main content

Notifications

Announcements

No record found.

Microsoft Dynamics CRM (Archived)

field level security and minimum permission.

(0) ShareShare
ReportReport
Posted on by

Hello All Experts,

what minimum permission to be given to user such that the values in the fields should be readable using JavaScript or code .

but my concern is these fields are placed on the user entity and it should not be visible to the particular user when he opens the form.

can anyone help me in achieving this functionality.

*This post is locked for comments

  • ashlega Profile Picture
    ashlega 34,475 on at
    RE: field level security and minimum permission.

    If the problem is that you don't want the user to be able to read from a field, but you still want your javascript to access the field, then you simply can't do it with field security.

    You can play with the visibility, however, that only works for the forms.. your users will still be able to use CRM report wizard (or Advanced Find) to get access to that field.

    It's probably related to the other question you asked (impersonation in javascripts), but, long story short, you probably need to change the logic of those javascripts. If a user is not supposed to access the field, the same should apply to the javascript running under that user account.

  • Suggested answer
    Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: field level security and minimum permission.

    My Bad, you won't be able to do it using Business rules as you cannot get the logged in person. You can write JS to check the role and show the fields.

  • EmployeeOcta Profile Picture
    EmployeeOcta on at
    RE: field level security and minimum permission.

    Hello Alex,

    Other users need to be added ........

    according to this sentence if i select only read for other user then will he be able to read those field values on user entity form as well! if so then it is not as expected.

    The other user should never see the data in these fields.

  • ashlega Profile Picture
    ashlega 34,475 on at
    RE: field level security and minimum permission.

    I may be missing something.. if you have a field, and a field security is enabled on the field, then:

    - System admins will see it either way (you don't need to add system admins to any profile. CRM does it for you)

    - Other users need to be added to a field security profile that will give them access to the field (can be read/create/update.. or any combination of those)

    - Javascripts running on the forms will be running in the context of the user opening the form, so they will have exactly the same access to the fields as the user

  • EmployeeOcta Profile Picture
    EmployeeOcta on at
    RE: field level security and minimum permission.

    Hello Vikas,

    I am newbie in business rule.

    can you give any sample example for creating the same?

  • Suggested answer
    Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: field level security and minimum permission.

    You can create business rule to show it for only admin and hide for others.

  • EmployeeOcta Profile Picture
    EmployeeOcta on at
    RE: field level security and minimum permission.

    Hello Vikas,

    if i hide the fields then how system administrator will fill data into that.

    Hello Alex,

    I have checked with the Advanced find for the other user but the data in these fields are not visible although data is there in the database.

  • Suggested answer
    Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: field level security and minimum permission.

    You can just place the field on form and hide it. You will be able to access the fields using JS and those will not be visible to users.

  • Suggested answer
    ashlega Profile Picture
    ashlega 34,475 on at
    RE: field level security and minimum permission.

    If you are asking how to set up field level security in such a way that a user opening the record can't see the fields, but a script running on the form can still read/update the fields, then there is no simple way to do it (I'm guessing you might come up with something, but it would be outside of the regular "javascript webresource" approach)

    Although, you might impersonate plugins and workflows, and you might use those workflows (and, indirectly, plugins) from the javascript

    EDIT: Just noticed your other post. Javascript is running in the context of the user. If a user can read, javascript can read.

  • EmployeeOcta Profile Picture
    EmployeeOcta on at
    RE: field level security and minimum permission.

    There is one created field security profile and two custom fields have been added to that profile.

    After that one User having System Administrator been added with permission of read, update etc all the three when we select individual field from field security profile.

    for this user the values are visible on the user entity form but for others it is not visible in normal text only **** are there.

    suppose if other user also put in the field security profile and give only read permission will the code and javascript work as currently code is not reading the data from these fields for this particular entity record although record is there.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Congratulations 2024 Spotlight Honorees!

Kudos to all of our 2024 community stars! 🎉

Meet the Top 10 leaders for December!

Congratulations to our December super stars! 🥳

Get Started Blogging in the Community

Hosted or syndicated blogging is available! ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,622 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,354 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans