Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Customer experience | Sales, Customer Insights,... / Is there a way to emul...
Customer experience | Sales, Customer Insights,...
Unanswered

Is there a way to emulate team/BU access level functionality on field security?

(0) ShareShare
ReportReport
Posted on by Harvey Adock 25

I have a requirement where the client needs field permissions on certain financial fields on an entity which will allow reading/updating of the field for users within the BU of the record, but not to users in other BUs, similar to how security works on the entity level (with permissions being given at access levels of either: User, BU, Parent/Child BU, or Organisation). I know the basic field level security just allows the binary option of "users are never allowed to read/update the field" or "users can read/update the field as long as they have the appropriate entity permissions to the entity", with no discerning between records owned by you/your team, but is there a way to fulfil my requirement without something incredibly cumbersome like a copy of the field for each BU plus an additional field to aggregate them together for business logic?

To clarify the requirement, an example of the need would be for their UK sales people to be able to see a count of Orders owned by the US BU for a given Account (to see whether the Account is being actively engaged by other countries, for example) but not to see how much the Orders cost, but the UK sales people would still need to see and update the Order cost field for Orders owned by users in their UK BU. Is this possible?

  • Harvey Adock Profile Picture
    Harvey Adock 25 on at
    RE: Is there a way to emulate team/BU access level functionality on field security?

    Thanks for your suggestion, but I think this would only cover update rights, correct? Part of what the client needs is read rights to also be restricted, e.g. BU "X" members can only read the value of the field on records belonging to BU "X", while they can see other data on records from BU "Y", just not the fields which should be restricted by this security.

  • Fubar Profile Picture
    Fubar 2,752 on at
    RE: Is there a way to emulate team/BU access level functionality on field security?

    Completely lockdown the field on the Entity in question (Field Level Security, but only give read access to all users), Implement another Team/User entity (the change request entity) and let the respective users edit it, then copy the value in to the field that you locked down (run workflow or plugin as a user that is Sys Admin or has edit on the Field Level Security).

    You could also potentially do something similar with an Approval in Flow (without the extra entity)

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Tips for Writing Effective Suggested Answers

Best practices for providing successful forum answers ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,269 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,198 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans