We have a requirement to provide access for users at record level. So we have a plan to leverage the Access Team capabilities in dataverse.
The admin is going to add the users(user1, user2, user3,....) into the main parent record access team grid so that the record can be accessible for these users. We want to automatically add the same users into the child -> sub child table level access team grids as well.
Question:
Whether adding users on parent table record access team will automatically provide access to child -> subchild level access to records? Or should we go with custom implementation?
Please advise.
Related
I have a bigquery view that I want to share with data analysts so that they can access its data through data studio. This shared view makes a query to a private view in another dataset which in turn makes a query to a table in another dataset, as per this diagram :
To achieve this, I followed the steps as mentioned in the tutorial Creating an authorized view
Assign the data analysts to the project-level bigquery.user role in IAM
Authorize the shared_view on the private_dataset_1
Authorize the data analysts group to access the shared_dataset with the BigQuery Data Viewer role
However, querying the shared_view from a data analyst account keeps failing because of insufficient permissions access..
To resolve this issue it is also necessary to share the private datasets accessed by the private view with this view, so that each private dataset in the chain is explicitly shared with views external to it that access it.
In this case, it is necessary to authorize the private_view_1 on the private_dataset_2.
I created a multi-tenant application where each tenant have different set of users. I am trying to implement a functionality where same user might exist in different tenants. Does outsystems provide such functionality or I have to create my custom logic ?
Right now, I did create a user having same username in 2 different tenants and during login I am showing user to select tenants. But on changing tenants and logging to that tenant, the environment doesn't switch to that tenant that user has selected.
Below is the image of the logic of switching tenants and logging in the customer.
During debugging I saw that after executing TenantSwitch action it did change the Site.TenantID property but after User_Login action is reverted to the first tenant not the one user selected.
When you use User_Login(), the system will log you in the first Tenant it finds in the DB that has that username, thus ignoring your TenantSwitch().
So, if you want to login to a specific Tenant in your case, you need to be more explicit and instead use the Login() action - after the tenant switch.
For a thorough explanation of this, with example code, please check out the following deepdive Master Class on Multi-Tenancy starting around the 27:20 minute mark.
This isn't available out of the box as OutSystems assigns users (and all entities) to a specific tenant. Entities belonging to single tenanted modules are assigned to the default tenant.
OutSystems uses a hidden .Tenant_Id attribute on each entity to indicate which tenant that user belongs to. You can unhide this attribute for the users entity by selecting it, clicking More... and then ticking the relevant box in the Advanced tab. You can then access the attribute directly, but be aware this will hinder OutSystems' ability to do some of the stuff it does automatically to ensure that you access tenant specific data.
When you use the User_Login action OutSystems will deduce which tenant to use from the User.Tenant_Id attribute regardless of which tenant you've switched it to previously. The user would need an account for each tenant they need to use, but there's no reason this couldn't be done behind the scenes with OS fetching the correct username before logging in. You'd need to ensure they all stay in sync though, especially the passwords ofc.
As I understand, we can access records created by Portal users and their respective Entity Permissions apply for them. However, I wanted those users to be able to even access records which were created by CRM users within Dynamics 365 (and not records created from Portal by a Portal user which is assigned to System)
Is this possible? If yes, how can I achieve that?
Thanks in advance!
It does not matter who created the record, what matters is if that user has access to it. It would not make much sense to show only records that were created by the portal users - how would you then handle something like Customer Service (on one end users use portal, but on the other they are using CRM, bot are creating records).
So basically I'm not sure how aware are you of the configuration of permissions, but let's say that you configured that a Contact (which is a portal user) has access to all records "Cases" that are referencing this contact (this is simply configuration in Entity Permission record). If yes then contact will see records created by him and all other cases that are referencing him as a contact, so if you as a CRM user will create a Case for a Contact, this Contact will see the case.
I am building an app with Role based Security. I have built my Record Types (Projects, Accounts, HistoryLog, Financial, Customer, etc) in Cloudkit Dashboard, and I have created Security Roles as well. I have roles named: Executive and DeptManager. I have assigned to the Record Types the appropriate access by Role. I have also assigned to the user in the special Record Type "Users" the role of either Executive or DeptManager.
I have successfully accessed and manipulated data in the Record Types. Now I am implementing Role based viewing in the App. So on the first view there is a log in "like" feature, so after i discover the user, I want to display the Roles of that user in a PickerView for them to select. Once they select a role I will them take them to the appropriate view. For example I may have the role of both DeptManager and Executive. If today I select DeptManager, I will be taken to a view that allows me to enters Production Metrics. If another day I select Executive, I will see performance metrics for all the departments that report to me.
Here is an image from CloudKit Dashboard showing the info I'm trying to retrieve. Thanks in advance for any advice.
Currently it is not possible to get the roles a user is in. At the moment the information that is returned from the discoverUserInfoWithUserRecordID is very limited. I also hope it will be extended soon. Currently you only get a userRecordID, first name and last name. If you do want such functionality, then the only solution is creating a shadow registration which you could query. You then would have a challenge keeping these 2 in sync. That has to be done manually.
The company I work for has clients which have various businesses but which are owned by the same person. The different businesses have separate contracts and we have linked the two accounts by a connection.
Now, when a case regarding one of the businesses is created, we want all the contracts of both businesses to show up under 'Contracts'. Is this possible?
Ex: Business A - Contract A
Business B - Contract B
Case for Business A : Available contracts: Contract A , Contract B ( since the owner is the same we want both of them to show)
It is, but it would probably take some development. You would need some sort of html/silverlight xap web resource or an iframed web application to retrieve and dynamically load the contracts of all the account connections on the account form. The web application would need to take into account the relationship of the parent account to the child accounts and it may be easier instead of using connections, just to make them child accounts to the parent account. That's how its done pre-2011.
I think I can suggest something here.
Have that 'person' as master Customer (record of type account), and have all the businesses (A, B) as child Customers (records of type account).
Now create an advanced find view to list all the contracts for 'master' customer
Expose it in a grid. (read more here How to create master/detail view in Microsoft dynamic CRM 4.0?)