Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Microsoft Dynamics NAV (Archived) / Record level security ...
Microsoft Dynamics NAV (Archived)

Record level security and RTC.

(0) ShareShare
ReportReport
Posted on by Community Member Microsoft Employee

Hi,

I am setting up record level security for sales people. The purpose is they can only see their own customers and contacts, and the documents related to them.

Now i am facing a problem, it took me a while to find the cause.

Lets say I have 2 salesperson codes in the system SP1 and SP2.

I create a role sales_SP1 in which I set a security filter Salesperson code = SP1.

This works fine, if the user has never been using NAV before, or if he selected a customer with salesperson code = SP1, the last time he used the customer list.

However, if the last time he used the customer list, a customer with salesperson code SP2 was selected, he is not able to open the customer list after the security filter has been applied. He gets a message that he is not allowed to read the customer table.

anybody else faced the same problem ?

kr,

Francis

*This post is locked for comments

  • Verified answer
    Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: Record level security and RTC.

    Hi All,

    finally found some tim to work on this. I got it all working, and I do have some things to remember. I would ike to summarize them, it might make lifie easier for somebody needing the same functionality:

    The case was that Sales people should be able to login in to Navision but their views and actions on data had to be limited to 'their' data. The data sets involved were :

    - Contacts

    - Customers

    - Sales Quotes (create quotes)

    - Sales orders (only see sales orders)

    1. Permissions

    I did make a permission role per sales person (i.e. ACCOUNTMGR_JL). In the concerned tables, I added a permission filter on the salesperson field. i.e. on the contact table, this would be:

    Contact: Salesperson Code=JL

    In this role, add all other tables necessary, just like you do when setting up permissions.

    2. Additional permissions

    In addition, you must have a permission role for all sales people(i.e. ACCOUNTMGR_ALL), containing all tables (from the role in step 1) with a record filter. In this additional role, the tables don't have a record filter, and they have all permissions set to 'Indirect'.   This additional permission role must be assigned to all sales people. You need to do this one, to solve issues with the fact boxes.

    This means that a sales person has two permission roles assigned.  ACCOUNTMGR_ALL and ACCOUNTMGR_JL, where JL are the initials of the account manager.

    3. Code changes

    This is a part of trial and error. I did 3 types of code changes.

    a. Tables having a security filter on sales person. In these tables, I had to modify the OnInsert trigger. If a sales person is linked to the user (can be done in the user setup in NAV), then the sales person field defaults to this linked sales person.

    b. Solving the 'you do not have acces to ... ' error. Just put on the debugger, check in what object the error raises, and modify the permissions for that object. Add the table specified in the error message. It will Always be one of the tables you have put a permission filter on.

    c. if the previous modification doesn't work, you need to add the 'SETPERMISSIONFILTER' statement to the code, just in front of the place you get the error message.

  • Suggested answer
    Mohana Yadav Profile Picture
    Mohana Yadav 59,139 Super User 2024 Season 2 on at
    RE: Record level security and RTC.

    I mean this

    midynav.blogspot.in/.../how-to-delete-personalization-settings_02.html

  • Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: Record level security and RTC.

    Hi Mohana,

    it took me some time to continue on this one. You know, end of year, projects going live, ...

    I tried your tip, deleting the records in the user metadata table, but it didn't realy help.

    This week I will continue working on it, but it is in general a work of putting 'Setpermissionfilter' in a lot of pages, reports, codeunits, ...

    The pitty thing is that debugging in this version (2009R2 ) is not that easy. And most of the issues I have in RTC do not appear in the classic client.

    kr,

    Francis

  • Mohana Yadav Profile Picture
    Mohana Yadav 59,139 Super User 2024 Season 2 on at
    RE: Record level security and RTC.

    Did you try to delete the personalization's and other user interface settings for users before setting security filter?

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Tips for Writing Effective Suggested Answers

Best practices for providing successful forum answers ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,269 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,198 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans