20
I have created some Security policies in order to restrict all transactions tables that belongs to previous years.These security policies don't connected to security roles so they have been applied to all roles and users except System Administrator.But i need to enable them only for some companies(Legal entities).I couldn't find any where to set this option.Can anyone help me?
Hi,
The requirement has created because of some security goals.I don't know why,because of corruption in business or what?! Just I know that the manager doesn't want that new employees see the previous transactions of customers. ;)
Hi,
1) If these users are allowed to view only sales orders, it has no side effects. If a posting process is called by this user, it will not find sales orders before a certain date. That update can fail.
2) This is hard to answer as I haven't seen this requirement before. What is the exact business reason to hide older orders? What will happen in January if the users need to review/close orders from December the year before?
Hello,
As I said befor,I have created some queries for every section that we want to apply security policy.For examle on SalesTable and set a range on field:CreatedDateTime in order to restrict sales order to view just the current year transactions.
Then I created a security policy with these setting:
Questions:
1) Is this way correct or what would be bad side effects of this?
2) If I wanna apply this security policy only in some companies(Legal entities) and for others disable it,what would be the solution?
Regards.
Actually, the policies can have side effects. I wrote a blog with an example in the past which also initially had side-effects:
Sometimes, you need to split settings into multiple policies to achieve the required result as described in another blog:
If you share some details on the security policies, we might be able to help you what can be the culprit.
Hi,
Yes,I think the problem is something else.I don't think that security policy would be related to error in posting.
However,I had to disable the new security policy.
Thanks Andre.
Hi,
In an earlier post, you mentioned that the tests were successful. Did you enable the policy for all operations or only select? Can you provide some more details on the development part?
Hi Andre,
Thanks for your reply.However,I've got in a big trouble.As soon as I applied these security policies on live systme,everything is messed up.We get errors in post invoice,post packing slip,create general journal and etc.Actually Number sequences don't work properly.I'm really confuzed ;(
Hi,
It is possible to disable and enable XDS policies with help of x++ coding. In one of my examples, it is also done using the command XDSServices.setXDSstate(). The coding should be on a place which is logical in your scenario. You can find the example here: dynamicspedia.com/.../
Hello Andre,
First of all I really appreciate you for the answer.
As a matter of fact,I've created some queries on transaction tables,such as SalesTable,PurchTable,CustTrans,VendTrans,GeneralJournalEntry,....with setting a range on coresponding transaction date field and the value of ">1/1/2019".Then I have created a SecurityPolicy per each query.But when I set a contextString they didn't work.so I set nothing and they were enabled on all security roles.
After getting a successful test on everything,I got a different requirement from users that this restriction must be enforced only for some legal entities and in others,it must be disabled.According to the huge amount of my development on this issue,I am going to find a solution with less change.I am seeking for a way to disable a security policy for some legal entities by code in runtime.I think this is the reasonable solution.
Could u please inform me the way?
Best regards.
Hi,
In general, the XDS policy is global. You have to be creative here. Depending on the scenario, you can link it to security roles, if those roles will be used for some legal entities.
Also, you can use a MyContruct table where you put some temporary data to show what is allowed and join it with the security query.
FYI: I did write a few posts on XDS with some examples, but do have a lot of experience in this area: dynamicspedia.com/.../xds. The warehouse example is dealing with differences per legal entity. For sure, your scenario is different.
Can you describe the way you currently created the policy? How does it know which transaction dates are allowed to see? I might be able to think together with you.
Stay up to date on forum activity by subscribing. You can also customize your in-app and email Notification settings across all subscriptions.
#1
André Arnaud de Cal...
291,269
Super User 2024 Season 2
#2
Martin Dráb
230,198
Most Valuable Professional
#3
nmaenpaa
101,156
Share
Report
All responses (
Answers (