Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Microsoft Dynamics AX (Archived) / How to Export Role,Dut...
Microsoft Dynamics AX (Archived)

How to Export Role,Duty and Privilege in AX 2012

(0) ShareShare
ReportReport
Posted on by ATMA-Jen 305

Hello,

I survey all WWW about AX 2012,  found the script in X++ can't work.

could have anyone had the code can share??

I found a script , but had a running error:

CommaTextIo object not initialised.

Stack trace

(C)\Jobs\AE_SecurityReport - line 95

line 95 is :commaTextIo.write('RoleName,AOTRoleName,Label,Description,MenuItemType,MenutItemName,MenuItemel,Duty,Privilege,Access Level');

could anyone can fix it??

Thanks in advance.

The script is:

from the webside: anithasantosh.wordpress.com/.../extract-security-objects-details-for-a-role

public void AE_SecurityReport()
{
#AOT
#File

SecurityRoleAOTName roleAOTName ;
SecurityRoleName roleName;
SecurityRole securityRole;


TreeNode treeNode;
TreeNode treeNodeDuty = infolog.findNode(@'\Security\Duties\');
TreeNode treeNodePriv = infolog.findNode(@'\Security\Privileges\');
TreeNode treeNodePrivNew;
TreeNode treeNodeDutyNew;
TreeNode treeNodeObj;
TreeNodeTraverser treenodeT;
TreeNode treeNodeRole;
TreeNode treeMenu;

Set setDuty ;
Set setPrivilege;
Set setMenuItem;

SetEnumerator setEnumerator ;

SysModelElement modelElement;
SysModelElementType modelElementType;

UtilElementName name;
TreeNodePath path;

str maintainlicenseType;
str viewlicenseType;
str menuLabelName;
str roleAccess;
str configurationKey;
//str commaTextIo;

String50 menuName;
String255 securityPrivilege, securityDuty, securityMenuPath;
String50 engLabel, frLabel, engDescription, frDescription;

Label objLabel = new Label();
CommaTextIo commaTextIo;
FileIOPermission permission;
FileName fileName;

container getPrivilegeDetails(
SecurityRoleAOTName _roleName, MenuItemName _menuItemName)
{
SecurityTaskEntryPoint secTaskEntryPoint;
SecurityRole secRole;
SecurityRoleTaskGrant secRoleTaskGrant;
SecurityEntryPointLink secEntryPointLink;
SecurableObject secObject;
SecurityTask secTask,secTaskDuty;
SecuritySubTask secSubTask;
String255 secPrivilege, secDuty;
container conPrivDuty, conSecDuty ,conAccess ;
container conSecPrivilege;

Select secRole where secRole.AotName == _roleName;
select secObject where secObject.Name == _menuItemName &&
(secObject.Type == SecurableType::MenuItemDisplay ||
secObject.Type == SecurableType::MenuItemAction ||
secObject.Type == SecurableType::MenuItemOutput);
select secEntryPointLink where secEntryPointLink.EntryPoint == secObject.RecId;

while select SecurityTask from secRoleTaskGrant
where secRoleTaskGrant.SecurityRole == secRole.RecId
join SecuritySubTask from secSubTask
where secSubTask.SecurityTask == secRoleTaskGrant.RecId
join AotName from secTask
where secTask.RecId == secSubTask.SecuritySubTask
&& secTask.Type == SecurityTaskType::Privilege
join AotName from secTaskDuty
where secTaskDuty.RecId == secSubTask.SecurityTask
&& secTaskDuty.Type == SecurityTaskType::Duty
join PermissionGroup from secTaskEntryPoint
where secTaskEntryPoint.EntryPoint == secEntryPointLink.RecId &&
secTaskEntryPoint.SecurityTask == secSubTask.SecuritySubTask
{
conSecPrivilege += secTask.AotName;
conSecDuty += secTaskDuty.AotName;
conAccess += enum2str(secTaskEntryPoint.PermissionGroup);
}
conPrivDuty = [conSecPrivilege, conSecDuty,conAccess];
return conPrivDuty;
}
;
permission = new FileIOPermission(fileName,#io_write);
permission.assert();
commaTextIo = new CommaTextIo(fileName,#io_write);
commaTextIo.write('RoleName,AOTRoleName,Label,Description,MenuItemType,MenutItemName,MenuItemel,Duty,Privilege,Access Level');

select Name,AotName from securityRole where securityRole.AotName == "Production Manager";

roleAOTName = securityRole.AotName;
treeNode = TreeNode::findNode(@'\Security\Roles\'+ roleAOTName).AOTfirstChild();
treeNodeRole = treeNode::findNode(@'\Security\Roles\'+ roleAOTName);

// Loop through the roles to get Duties
treenodeT = null;
setDuty = new Set(Types::String);
treenodeT = new TreeNodeTraverser(treeNode, false);
while(treenodeT.next())
{
setDuty.add(treenodeT.currentNode().AOTname());
}
setEnumerator = null;
setPrivilege = new Set(Types::String);
// Loop thru the duties to get privileges
setEnumerator = setDuty.getEnumerator();
while (setEnumerator.moveNext())
{
treeNodeDutyNew = treeNodeDuty.AOTfindChild(setEnumerator.current()).AOTfirstChild();
treenodeT = new TreeNodeTraverser(treeNodeDutyNew, false);
while(treenodeT.next())
{
setPrivilege.add(treenodeT.currentNode().AOTname());
}
}

// Loop thru the privileges to get Entry points
setEnumerator = null;
setMenuItem = new Set(Types::String);
setEnumerator = setPrivilege.getEnumerator();

while (setEnumerator.moveNext())
{
treeNodePrivNew = treeNodePriv.AOTfindChild(setEnumerator.current()).AOTfirstChild();
treenodeT = new TreeNodeTraverser(treeNodePrivNew, false);
while(treenodeT.next())
{
setMenuItem.add(treenodeT.currentNode().AOTname());
}
}

// loop thru the menu items to get the properties
setEnumerator = null;
setEnumerator = setMenuItem.getEnumerator();
while (setEnumerator.moveNext())
{
name = setEnumerator.current();
select firstOnly1 modelelement
where modelelement.Name == name
&& (modelelement.ElementType == enum2int(UtilElementType::OutputTool) ||
modelelement.ElementType == enum2int(UtilElementType::ActionTool) ||
modelelement.ElementType == enum2int(UtilElementType::DisplayTool));

switch (modelelement.ElementType)
{
case enum2int(UtilElementType::OutputTool) :
path = #MenuItemsOutputPath;
break;

case enum2int(UtilElementType::ActionTool) :
path = #MenuItemsActionPath;
break;

case enum2int(UtilElementType::DisplayTool) :
path = #MenuItemsDisplayPath;
break;

default :
path = '';
break;
}
if (path)
{
select modelElementType where modelelementtype.TreeNodeName == path;
treeNodeObj = infolog.findNode(path).AOTfindChild(name);
menuLabelName = treeNodeObj.AOTgetProperty('Label');
menuName = treeNodeObj.AOTgetProperty('Name');
engLabel = SysLabel::labelId2String(treeNodeRole.AOTgetProperty('Label'), 'en-us');
frLabel = SysLabel::labelId2String(treeNodeRole.AOTgetProperty('Label'), 'fr');
engDescription = SysLabel::labelId2String(treeNodeRole.AOTgetProperty('Description'), 'en-us');
frDescription = SysLabel::labelId2String(treeNodeRole.AOTgetProperty('Description'), 'Fr');

treeMenu = infolog.findNode(#MenusPath);
treenodeT = new TreeNodeTraverser(treeMenu, false);

securityMenuPath = ' ';
while(treenodeT.next())
{
if(treeNodeT.currentNode().AOTfindChild(SysLabel::labelId2String2(menuLabelName)))//objLabel.extractString(menuLabelName)))
{
securityMenuPath = treenodeT.currentNode().treeNodePath();
}
}
securityPrivilege = conPeek(getPrivilegeDetails(roleAOTName, menuName),1);
securityDuty = conPeek(getPrivilegeDetails(roleAOTName, menuName),2);
roleAccess = conPeek(getPrivilegeDetails(roleAOTName, menuName),3);
maintainlicenseType = treeNodeObj.AOTgetProperty('MaintainUserLicense');
viewlicenseType = treeNodeObj.AOTgetProperty('ViewUserLicense');
configurationkey = treeNodeObj.AOTgetProperty('ConfigurationKey');

commaTextIo.write(roleName,roleAOTName,engLabel, engDescription, modelElementType.Name, treeNodeObj.AOTname(), objLabel.extractString(menuLabelName), securityDuty, securityPrivilege, roleAccess);
}
CodeAccessPermission::revertAssert();
}
}

*This post is locked for comments

  • Suggested answer
    feelyd Profile Picture
    feelyd 260 on at
    RE: How to Export Role,Duty and Privilege in AX 2012

    Hi ATMA-Jen

    I was asked for this recently as well, users, roles, priviledges etc

    I found it easier to export the data using a sql script

    If you have access to the database, this script should work for you.

    Declan

    SELECT secRole.AOTNAME [Role_Name]--, secRoleExplode.SECURITYROLE,
    ,secRole2.AOTNAME [Subrole_Name]--, secRoleExplode.SECURITYSUBROLE,
    ,secTask.AOTNAME [Task_name]--, secRoleTask.SECURITYTASK,
    ,secTask2.AOTNAME [Subtask_name]--, secTaskExplode.SECURITYSUBTASK,
    ,
    CASE
    WHEN secTask2.TYPE = 0 THEN 'Privilege'
    WHEN secTask2.TYPE = 1 THEN 'Duties'
    ELSE 'Other'
    END AS OBJECTTYPE , dbo.[PRIME_LABELS](secTask.DESCRIPTION) ' Description'
    FROM SECURITYROLE secRole
    join SECURITYROLEEXPLODEDGRAPH secRoleExplode
    ON secRole.RECID = secRoleExplode.SECURITYROLE
    JOIN SECURITYROLE secRole2
    ON secRoleExplode.SECURITYSUBROLE = secRole2.RECID
    JOIN SECURITYROLETASKGRANT secRoleTask
    ON secRoleExplode.SECURITYSUBROLE = secRoleTask.SECURITYROLE
    JOIN SECURITYTASK secTask
    ON secTask.RECID = secRoleTask.SECURITYTASK
    JOIN SECURITYTASKEXPLODEDGRAPH secTaskExplode
    ON secRoleTask.SECURITYTASK = secTaskExplode.SECURITYTASK
    JOIN SECURITYTASK secTask2
    ON secTaskExplode.SECURITYSUBTASK = secTask2.RECID

    ORDER BY secRole.AOTNAME, OBJECTTYPE, secRoleExplode.SECURITYSUBROLE

  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 291,280 Super User 2024 Season 2 on at
    RE: How to Export Role,Duty and Privilege in AX 2012

    Hi ATMA-Yen,

    Make sure you are not trying to store a file in the root of the C-drive. Use e.g. a temp directory (make sure the directory name you want to use does exist)

    E.g:

    fileName =  "C:\\Temp\\AXrole.csv";

  • Rustem Galiamov Profile Picture
    Rustem Galiamov 8,072 on at
    RE: How to Export Role,Duty and Privilege in AX 2012

    Can you provide complete code please?

    And use </> in rich formatting to post your code.

  • ATMA-Jen Profile Picture
    ATMA-Jen 305 on at
    RE: How to Export Role,Duty and Privilege in AX 2012

    Hello,

    I edit the code about filename and AOTname.

    but still get the error:

    CommaTextIo 对象 未初始化。

    堆栈跟踪

    (C)\Jobs\Jen_SecurityReport - line 94

    please help.

    Thanks.

    BR, Jen

    below is the code:

    90  fileName = "C:\\AXrole.csv";
    91  permission = new FileIOPermission(fileName,#io_write);
    92  permission.assert();
    93  commaTextIo = new CommaTextIo(fileName,#io_write);
    94  commaTextIo.write('RoleName,AOTRoleName,Label,Description,MenuItemType,MenutItemName,MenuItemel,Duty,Privilege,Access Level');

    95 select Name,AotName from securityRole where securityRole.AotName == "ProdProductionManager";

    96  roleAOTName = securityRole.AotName;

  • Suggested answer
    Rustem Galiamov Profile Picture
    Rustem Galiamov 8,072 on at
    RE: How to Export Role,Duty and Privilege in AX 2012

    Hi ATMA-Jen!

    Just to add to previous suggestions. You should set value of file path and name to fileName variable as fileName = "C:\\Test.csv". And, as Udhaya Chandran Rajendran mentioned, the Product manager role doesn't exists in AOT.

  • udaY-ch Profile Picture
    udaY-ch 4,624 on at
    RE: How to Export Role,Duty and Privilege in AX 2012

    Hi,

    Also do check the AOT name of the role which Product manager which should be ProdProductionManager.

    /Uday.

  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 291,280 Super User 2024 Season 2 on at
    RE: How to Export Role,Duty and Privilege in AX 2012

    Hi ATMA-Jen,

    My first thought is that it is failing due to a missing filename. The variable is not filled, so it probably does not create a commaTextIO object.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Tips for Writing Effective Suggested Answers

Best practices for providing successful forum answers ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,280 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,214 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans