web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / field level security a...
Microsoft Dynamics CRM (Archived)

field level security and minimum permission.

(0) ShareShare
ReportReport
Posted on by EmployeeOcta 6

Hello All Experts,

what minimum permission to be given to user such that the values in the fields should be readable using JavaScript or code .

but my concern is these fields are placed on the user entity and it should not be visible to the particular user when he opens the form.

can anyone help me in achieving this functionality.

*This post is locked for comments

I have the same question (0)
  • Suggested answer
    Guido Preite Profile Picture
    Guido Preite 54,086 Moderator on at

    field level security has nothing to do with javascript or code in order to read them.

    Assuming the user has the normal rights for the entity (for example he has the right to update an account) after depends on the field level security of the specific record if he can update the protected field or not.

  • EmployeeOcta Profile Picture
    EmployeeOcta 6 on at

    There is one created field security profile and two custom fields have been added to that profile.

    After that one User having System Administrator been added with permission of read, update etc all the three when we select individual field from field security profile.

    for this user the values are visible on the user entity form but for others it is not visible in normal text only **** are there.

    suppose if other user also put in the field security profile and give only read permission will the code and javascript work as currently code is not reading the data from these fields for this particular entity record although record is there.

  • Suggested answer
    ashlega Profile Picture
    ashlega 34,477 on at

    If you are asking how to set up field level security in such a way that a user opening the record can't see the fields, but a script running on the form can still read/update the fields, then there is no simple way to do it (I'm guessing you might come up with something, but it would be outside of the regular "javascript webresource" approach)

    Although, you might impersonate plugins and workflows, and you might use those workflows (and, indirectly, plugins) from the javascript

    EDIT: Just noticed your other post. Javascript is running in the context of the user. If a user can read, javascript can read.

  • Suggested answer
    Community Member Profile Picture
    Community Member on at

    You can just place the field on form and hide it. You will be able to access the fields using JS and those will not be visible to users.

  • EmployeeOcta Profile Picture
    EmployeeOcta 6 on at

    Hello Vikas,

    if i hide the fields then how system administrator will fill data into that.

    Hello Alex,

    I have checked with the Advanced find for the other user but the data in these fields are not visible although data is there in the database.

  • Suggested answer
    Community Member Profile Picture
    Community Member on at

    You can create business rule to show it for only admin and hide for others.

  • EmployeeOcta Profile Picture
    EmployeeOcta 6 on at

    Hello Vikas,

    I am newbie in business rule.

    can you give any sample example for creating the same?

  • ashlega Profile Picture
    ashlega 34,477 on at

    I may be missing something.. if you have a field, and a field security is enabled on the field, then:

    - System admins will see it either way (you don't need to add system admins to any profile. CRM does it for you)

    - Other users need to be added to a field security profile that will give them access to the field (can be read/create/update.. or any combination of those)

    - Javascripts running on the forms will be running in the context of the user opening the form, so they will have exactly the same access to the fields as the user

  • EmployeeOcta Profile Picture
    EmployeeOcta 6 on at

    Hello Alex,

    Other users need to be added ........

    according to this sentence if i select only read for other user then will he be able to read those field values on user entity form as well! if so then it is not as expected.

    The other user should never see the data in these fields.

  • Suggested answer
    Community Member Profile Picture
    Community Member on at

    My Bad, you won't be able to do it using Business rules as you cannot get the logged in person. You can write JS to check the role and show the fields.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
SA-08121319-0 Profile Picture

SA-08121319-0 4

#1
Calum MacFarlane Profile Picture

Calum MacFarlane 4

#3
Alex Fun Wei Jie Profile Picture

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans