As I understand, we can access records created by Portal users and their respective Entity Permissions apply for them. However, I wanted those users to be able to even access records which were created by CRM users within Dynamics 365 (and not records created from Portal by a Portal user which is assigned to System)
Is this possible? If yes, how can I achieve that?
Thanks in advance!
It does not matter who created the record, what matters is if that user has access to it. It would not make much sense to show only records that were created by the portal users - how would you then handle something like Customer Service (on one end users use portal, but on the other they are using CRM, bot are creating records).
So basically I'm not sure how aware are you of the configuration of permissions, but let's say that you configured that a Contact (which is a portal user) has access to all records "Cases" that are referencing this contact (this is simply configuration in Entity Permission record). If yes then contact will see records created by him and all other cases that are referencing him as a contact, so if you as a CRM user will create a Case for a Contact, this Contact will see the case.
Related
I am customizing Dynamics CRM, and I am modifying access teams through coding. But I don't want users to be able to add access teams from screen. I cannot find the permission for that; can someone tell me where is it in the security role?
You have to identify the security role for users to limit the permission and remove the share privilege on that security role for that Access teams enabled entity. Read more
You can control who can add members to the Access Team subgrid. Only users with share privilege for the entity on which the access team exists can add or remove members from the Access Team subgrid. This makes sense—by adding people to the Access Team, you are in effect sharing the record with the people on the team.
You need a developer do that because it should modify the ribbon command in the systemuser entity.
I'm building an employee self service portal via Dynamics 365, and when I use the lookup field to display my name in a form other employee names are displayed too:
I've been fiddling with the security roles for a while now and still cant seem to get it to display a single employee name.
I'm also planning to do it a different way by filling up the employee name based on the username on the upper right.
How do you guys suggest I go about this?
First things first. Portals won't use any CRM Security role concepts as it's for CRM users. Portal is built on top of Contact entity. Contact is Portal user & Web role will control his/her access.
You have to Entity Form Metadata to populate the fields per your need. The contact lookup can be filled in by current login Portal user this way. Even you can implement something like manage/restrict the Contacts only from your parent Account in that lookup easily.
I am setting up CRM to enable the support team to be able to schedule service appointments. However the problem is that all users in the organisation are displayed as rows. How do I restrict this to just a single CRM Team rather than the whole organisation?
Using Dynamics Online 2016 Update 1.
First create view that shows all users you want and next in calendar view change type to user and pick view that you created. You can't pick teams in there.
I would suggest that you use the Business Unit + Team + Security Role tandem to do this. How do you do this?
Create Child Business Units from the Parent Business Unit.
Create Teams with the same name
Create a Security Role (e.g Service Calendar BU Role) that restricts Service Calendar CRUD, Assign, Share, etc to Business Unit (Note: This entity can be found under Service Management)
Assign that Security Role (e.g Service Calendar BU Role) to the Team
I am building an app with Role based Security. I have built my Record Types (Projects, Accounts, HistoryLog, Financial, Customer, etc) in Cloudkit Dashboard, and I have created Security Roles as well. I have roles named: Executive and DeptManager. I have assigned to the Record Types the appropriate access by Role. I have also assigned to the user in the special Record Type "Users" the role of either Executive or DeptManager.
I have successfully accessed and manipulated data in the Record Types. Now I am implementing Role based viewing in the App. So on the first view there is a log in "like" feature, so after i discover the user, I want to display the Roles of that user in a PickerView for them to select. Once they select a role I will them take them to the appropriate view. For example I may have the role of both DeptManager and Executive. If today I select DeptManager, I will be taken to a view that allows me to enters Production Metrics. If another day I select Executive, I will see performance metrics for all the departments that report to me.
Here is an image from CloudKit Dashboard showing the info I'm trying to retrieve. Thanks in advance for any advice.
Currently it is not possible to get the roles a user is in. At the moment the information that is returned from the discoverUserInfoWithUserRecordID is very limited. I also hope it will be extended soon. Currently you only get a userRecordID, first name and last name. If you do want such functionality, then the only solution is creating a shadow registration which you could query. You then would have a challenge keeping these 2 in sync. That has to be done manually.
I'm working with a Customer Self-service Portal instance in Dynamics 365 and have the possibility of a contact(user) being linked to one or more accounts via a Many-to-Many relationship. I'm trying to find a way to change the out-of-the-box Case entity list to show cases for any account the contact is linked to with this new relationship but so far haven't found anything that will work. I have considered just replacing the entity list view with some custom fetchxml in Liquid code, but I'm thinking the entity permissions for Case would have to be global then, instead of Contact or Account scope? I'm looking for a way to make this work with entity permission at Contact or Account scope.
I tried changing the account entity permission to use the new Many-to-Many relationship I created so that the current contact/user should be able to access all the accounts they are associated with, but I'm missing how to get to the next step of then showing all cases for those accounts.
Any suggestions? thank you!
Ok,I found the missing piece to make this work. Once I had the entity permission to the account entity (let's call it Account of Contact) using the new Many-to-Many relationship (contact to account), I then created another entity permission record for the Case entity with a scope of Parent and selected the "Account of Contact" permission as the parent, and picked the existing incident_customer_account relationship. Once this was parented, I was able to go to the out-of-box support home page and view all cases for accounts my contact was associated with via the Many-to-Many relationship.