cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Arioule
Helper III
Helper III

How to make sections (or fields) of a Entity Main Form only visible (or editable) for specific users (or security roles)

Hi,

 

I have created a Entity Main Form with 3 different sections : Employee, HR and IT sections.
I have also created a Business Process Flow associated to my Entity with 3 Stages that will help to gradually fill in the form.
I would like first the employee to fill in the Employee Section, then HR to fill in its dedicated section and finally IT to complete the form through the implemented Business Process Flow.

Also, I would like the Employee, HR and IT to be the only ones to be able to see (or to edit) their dedicated section.

 

How can I achieve this ?

 

Thanks,

 

Arioule

2 ACCEPTED SOLUTIONS

Accepted Solutions

You can do that with field level security.

https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/admin/field-level-securi...

 

You need to first define the fields to be secure on field configuration in CDS.

 

Then configure field security profiles based on roles. Note this is not yet in the modern settings experience, so you need to go to advanced settings to manage your field security profiles

 

from classic settings go to Security-->Field Security Profiles. 

create field security profile for the role(s)

set security setting for fields. the permissions available are:

  • Read. Read-only access to the field’s data.

  • Create. Users or teams in this profile can add data to this field when creating a record.

  • Update. Users or teams in this profile can update the field’s data after it has been created.

A combination of these three permissions can be configured to determine the user privileges for a specific data field.

 

Note--this doesn't hide the field or sections on the form, but it secures the data at the platform layer, so no matter how people interact with the data (reports, model apps, canvas apps, excel output, etc) that will not see the data.

 

If you want to selectively hide the field on a form based on role, you need to use JavaScript.

View solution in original post

for form visibility, the non code way to do it is to create three different forms and associate the appropriate role with the appropriate form. Security settings in model-driven forms allow you to specify specific roles get access to a form, so you can have a HR form that has the HR section and only HR people can see it.

 

You will want to pair this with field level security if you have "real" field security requirements, not just convenience view filtering.

View solution in original post

3 REPLIES 3

You can do that with field level security.

https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/admin/field-level-securi...

 

You need to first define the fields to be secure on field configuration in CDS.

 

Then configure field security profiles based on roles. Note this is not yet in the modern settings experience, so you need to go to advanced settings to manage your field security profiles

 

from classic settings go to Security-->Field Security Profiles. 

create field security profile for the role(s)

set security setting for fields. the permissions available are:

  • Read. Read-only access to the field’s data.

  • Create. Users or teams in this profile can add data to this field when creating a record.

  • Update. Users or teams in this profile can update the field’s data after it has been created.

A combination of these three permissions can be configured to determine the user privileges for a specific data field.

 

Note--this doesn't hide the field or sections on the form, but it secures the data at the platform layer, so no matter how people interact with the data (reports, model apps, canvas apps, excel output, etc) that will not see the data.

 

If you want to selectively hide the field on a form based on role, you need to use JavaScript.

View solution in original post

for form visibility, the non code way to do it is to create three different forms and associate the appropriate role with the appropriate form. Security settings in model-driven forms allow you to specify specific roles get access to a form, so you can have a HR form that has the HR section and only HR people can see it.

 

You will want to pair this with field level security if you have "real" field security requirements, not just convenience view filtering.

View solution in original post

Thanks a lot for your help

Helpful resources

Announcements
UG GA Amplification 768x460.png

Launching new user group features

Learn how to create your own user groups today!

Community Connections 768x460.jpg

Community & How To Videos

Check out the new Power Platform Community Connections gallery!

M365 768x460.jpg

Microsoft 365 Collaboration Conference | December 7–9, 2021

Join us, in-person, December 7–9 in Las Vegas, for the largest gathering of the Microsoft community in the world.

Users online (2,661)