cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Arioule
Helper III
Helper III

How to make sections (or fields) of a Entity Main Form only visible (or editable) for specific users (or security roles)

Hi,

 

I have created a Entity Main Form with 3 different sections : Employee, HR and IT sections.
I have also created a Business Process Flow associated to my Entity with 3 Stages that will help to gradually fill in the form.
I would like first the employee to fill in the Employee Section, then HR to fill in its dedicated section and finally IT to complete the form through the implemented Business Process Flow.

Also, I would like the Employee, HR and IT to be the only ones to be able to see (or to edit) their dedicated section.

 

How can I achieve this ?

 

Thanks,

 

Arioule

2 ACCEPTED SOLUTIONS

Accepted Solutions

You can do that with field level security.

https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/admin/field-level-securi...

 

You need to first define the fields to be secure on field configuration in CDS.

 

Then configure field security profiles based on roles. Note this is not yet in the modern settings experience, so you need to go to advanced settings to manage your field security profiles

 

from classic settings go to Security-->Field Security Profiles. 

create field security profile for the role(s)

set security setting for fields. the permissions available are:

  • Read. Read-only access to the field’s data.

  • Create. Users or teams in this profile can add data to this field when creating a record.

  • Update. Users or teams in this profile can update the field’s data after it has been created.

A combination of these three permissions can be configured to determine the user privileges for a specific data field.

 

Note--this doesn't hide the field or sections on the form, but it secures the data at the platform layer, so no matter how people interact with the data (reports, model apps, canvas apps, excel output, etc) that will not see the data.

 

If you want to selectively hide the field on a form based on role, you need to use JavaScript.

View solution in original post

for form visibility, the non code way to do it is to create three different forms and associate the appropriate role with the appropriate form. Security settings in model-driven forms allow you to specify specific roles get access to a form, so you can have a HR form that has the HR section and only HR people can see it.

 

You will want to pair this with field level security if you have "real" field security requirements, not just convenience view filtering.

View solution in original post

4 REPLIES 4

You can do that with field level security.

https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/admin/field-level-securi...

 

You need to first define the fields to be secure on field configuration in CDS.

 

Then configure field security profiles based on roles. Note this is not yet in the modern settings experience, so you need to go to advanced settings to manage your field security profiles

 

from classic settings go to Security-->Field Security Profiles. 

create field security profile for the role(s)

set security setting for fields. the permissions available are:

  • Read. Read-only access to the field’s data.

  • Create. Users or teams in this profile can add data to this field when creating a record.

  • Update. Users or teams in this profile can update the field’s data after it has been created.

A combination of these three permissions can be configured to determine the user privileges for a specific data field.

 

Note--this doesn't hide the field or sections on the form, but it secures the data at the platform layer, so no matter how people interact with the data (reports, model apps, canvas apps, excel output, etc) that will not see the data.

 

If you want to selectively hide the field on a form based on role, you need to use JavaScript.

for form visibility, the non code way to do it is to create three different forms and associate the appropriate role with the appropriate form. Security settings in model-driven forms allow you to specify specific roles get access to a form, so you can have a HR form that has the HR section and only HR people can see it.

 

You will want to pair this with field level security if you have "real" field security requirements, not just convenience view filtering.

Thanks a lot for your help

Yuva_saran1219
Regular Visitor

Hi,

This can be achieved by using "Field-level Security" access. Whenever you create a new field, you will be able to see an option for enabling the permission at the entity level. You can enable this option for more than one entity. You can access the three levels of controls are:

Read

Create

Update

I have attached the following link for your reference.

https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/admin/field-level-securi... 

 

If you want more information about this topic, please reach us at https://www.dynamicslabs.io/ 

 

Regards,

Yuvarani.

 

Helpful resources

Announcements
Power Platform Call June 2022 768x460.png

Power Platform Community Call

Join us for the next call on August 17, 2022 at 8am PDT.

Power Platform Conf 2022 768x460.jpg

Join us for Microsoft Power Platform Conference

The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.

Users online (2,580)