Thursday, August 30, 2012

Field Level Security in MS CRM 2011

Hi ,

as we all know one of the bingo from MS CRM 2011 we got is the field level security.
this is quite good and interesting, also something we need to look for it.
1st i will go through the details of it then will put what are the things need to be considered.

we need to be familiar with the below screens
1. this is setting area and the item which we need to create the Field Security Profile
2. then the creating screen contains the

    a. General : the basic details
    b. Team: which teams belongs to this role, this is new in 2011
    c. Users : which users own this role
    d. Filed Permission: here it will list out the list of fileds where the Field Security is enabled, to enable the filed level security follow the below figure (note: field security can not be changed for the system attributes)
3. not you can edit the Field Security as below screen
the above details are as follows:
a. Allow Read: this means, if it is YES it will allow to read in the form, also in the all the grids, if u add as column. else it not allow to read in form(only dotted lines will come), in grid even though you can add the column, the values wil not be displayed.
in advancefind, in the list of columns you will be able to find the filed.
b. Allow Update: if it is YES, it will allow the user to update the field in the update mode.
So you might be thinking, if the Allow Update is YES, automatically it should have Allow Read YES? No it does behave like this. So if Allow Read is NO and Allow Update is YES, then the user can edit that field, but he can read it before and after the update. (Is it wiered?) O_o
c. Allow Create: If it is YES, then the user can enter data only in create mode. So it will just follow the rest on the option straight.
 
the below is the screen how it looks if we add the field to the form..., this is in Design View
as you might be noticing a key symbol get added, this show that the filed is enabled for Filed Security.

how it lloks in the form, if user does not have read access...
So it has only dotted marks... NOTE: it means even if no value is there also u ll get dotted lines..
So user even can not know if value is there or not

K here are few points:


1.       If we apply field level security for any attribute and put on form level, it will be in form but with dotted data, means we cannot completely remove the filed from the form by configurations, also it will be visible in the advance find list and in the advanced find View, even though the value can be controlled in the view

2.       System attributes cannot be configured for Field Level Security, so for the uncommon attributes we need to keep in mind and create custom attributes

3.       Any security role we have assigned is not only in form level, it also has impact Programmatically , like if we registered any Plugin by Calling user, then it will throw exception, if the user belongs to the Field Level Security group which has not update permission or read etc.

4.       Also it’s not so simple(but not impossible) to manage for a lot of fields.


May be i put things here there... but just try to put ...

Hope this can help...

Regards,
Sudhanshu
 
 
 


No comments:

Post a Comment