Hiding fields (not just data) with field-level security

(1) Share

Report

Posted on by awalters

3,079

Is it possible to hide the actual fields, not just the data in the fields, based on field-level security settings? It looks like there may be some Javascript solutions, but I prefer to stay away from that if possible since 1. JS is just one more thing to break, and 2. we'd have to do that on every single field. I'd like the field to always be hidden if the user isn't allowed to read the data.

I'm talking about doing this in conjunction with field level security, not in place of. I already know the field level security works perfectly to hide the data we don't want users seeing. We just don't particularly want to flaunt those hidden fields in front of them, nor do we want them taking up unnecessary space on the form if they can't read them anyway.

*This post is locked for comments

I have the same question (0)

All responses (20)

Answers (3)

Verified answer

Mamatha Swamy 5,426 on at

Like (0)

Report

RE: Hiding fields (not just data) with field-level security

JavaScript allows us to play with the display of the form elements. In spite of the limitations you mentioned that is the only option to hide fields dynamically. If you have lot of such fields then consider placing them in a section and toggle its display.

Using the script in conjunction with field-level security ensures the data isn't available anywhere in the system (not only form)

Was this reply helpful? Yes No
awalters 3,079 on at

Like (0)

Report

RE: Hiding fields (not just data) with field-level security

It may be a number of fields across a number of different entities and forms, though, so placing in tabs is only of limited help. :-(

I feel like this should be doable in a plug-in maybe, at least. Something that could across the board check the field level security and then hide or show the field...? (Ideally, I think this should be an option in the field level security settings. From a security standpoint, it's often a very bad idea to tell people you're hiding something from them...:-)

Was this reply helpful? Yes No
Mamatha Swamy 5,426 on at

Like (0)

Report

RE: Hiding fields (not just data) with field-level security

Plug-in cannot be used for this. Script has to be run on each form load.

Agree with you on the user experience. You can add this feature suggestion in https://connect.microsoft.com/ if its not already there

Was this reply helpful? Yes No
Mahadeo Matre 17,021 on at

Like (0)

Report

RE: Hiding fields (not just data) with field-level security

I think in this case you can use field level security ,and crm forms based on user security..

you can create multiple forms and assign to user security.. and where you dint want to show fields..dont add those on form.

So field level security willl take of data will not be shown in views and forms with security will hide fields from form.

Hope this will help..

Was this reply helpful? Yes No
awalters 3,079 on at

Like (0)

Report

RE: Hiding fields (not just data) with field-level security

The fields have to be in the same form - not broken out elsewhere, unfortunately. It's definitely a far better solution in our case to have them starred out than elsewhere, but neither is ideal.

Was this reply helpful? Yes No
awalters 3,079 on at

Like (0)

Report

RE: Hiding fields (not just data) with field-level security

I'm going to try to do some more testing tomorrow with a fresher brain. I found this link:

msdn.microsoft.com/.../dn481574.aspx

Which says "by using the Process Trigger entity, you can modify how existing business rules are initiated or register an existing business rule to different events that will initiate it" so I wonder if I can have code that checks whether or not they can read a field, and then uses this Process Trigger to conditionally initiate an existing business rule (show/hide the field). I've never written a plugin, though, so I could be totally off base, but definitely curious.

Anyone ever seen/written any plugin code to do either half of this? Either to capture the field-level privileges of the user, or to set/change a Process Trigger?

ETA: Oh...okay, I think I understand the problem better now. It's the fact that this needs to be a client-side decision as to whether or not to show the field, and the plug-ins only run server side, right? The business rules can run client-side as I understand it, but I'd still need to trigger it somehow. :-( I've got a plug-in installed that allows me to give more custom conditions for workflows, so I wonder if there's anything similar for business rules? Probably not, though.

Was this reply helpful? Yes No
Mahendar Pal 45,095 on at

Like (0)

Report

RE: Hiding fields (not just data) with field-level security

Hello,

The business rules can run client-side as I understand it, but I'd still need to trigger it somehow. --- No it's not true , in CRM 2015 business rules are also executed in server side, if you have set scope as Entity in business rules.

Was this reply helpful? Yes No
Verified answer

purwar purwar 2,836 on at

Like (0)

Report

RE: Hiding fields (not just data) with field-level security

In term of loading , Js is winner as compare to business rule.

You can use field level security with Js.

1-You can set default display setting of those field to :hide . (solution of :very bad idea to tell people you're hiding something from them).

2- You can apply field level security for above fields.

3-Display above field based on user security role. You need to write js for this. (community.dynamics.com/.../ms-dynamics-crm-login-user-39-s-security-role-using-javascript).

I am hoping it is complete solution for your requirement.

Was this reply helpful? Yes No
awalters 3,079 on at

Like (0)

Report

RE: Hiding fields (not just data) with field-level security

"No it's not true , in CRM 2015 business rules are also executed in server side, if you have set scope as Entity in business rules"

Yes, that's true - it can go either way depending on scope. But being able to run things server-side is the opposite of what I need, so I wasn't focusing on that ability.

Was this reply helpful? Yes No
awalters 3,079 on at

Like (0)

Report

RE: Hiding fields (not just data) with field-level security

"In term of loading , Js is winner as compare to business rule."

Right, but as I said above, I didn't want to do javascript because I'd have to do it on every entity/form for every field/tab/etc... That's a lot of extra work, and so I was hoping to centralize it somehow (I was hoping I was missing a setting, or some way to code "everything that the user can't read is hidden", without having to do it one by one. Apparently, though, that functionality is impossible. That's definitely too bad, and adds a lot of work and complexity to our implementation. Ah well. *sigh*

I'll also mark your response as another answer, though, because it does give a link to some examples. I want to do this based on field security profile, though, not role...hopefully I can find the right info for those attributes.

Thanks!

Was this reply helpful? Yes No