Restrict Update/Delete at a record level. Dynamics365 CRM

Question

I have a client requirement where I have to restrict specific Contact records from being updated or deleted if that particular record is a "Restricted Record" (meets certain criteria). In addition, to restricting that contact record itself, update and delete operations for all those entity records also need to be restricted, which have an N:1 relationship with that contact record (such as Notes, Emails, Phone calls, etc). I have opted for the approach of creating a plugin and registering update and delete steps for all the respective entities one by one. But the challenge here is, that we'll have to do this for all the related entities manually, which is not the ideal solution. Is there any way to restrict update, delete, append and append to an entity and all its relationships using access roles (record level access or something)? Any help in this regard would be helpful. P.S: I'm working on MS D365 CRM online.

Answer 1

you want restriction of record operation based on conditions and not on Access level. In general contact record can be deleted/edited by let's say every normal user but same contact record if matched your criteria should not be available for operation even though normal user has rights for all other contact records.

Unfortunately in this case you will need plugin and that too for each entity so that you can restrict based on your logic.

Other than that you can do so,

only specific security role users can updated/delete contact and related records but there you are restricting normal users from performing operations if your record is not part of logic.

As far as I see you have to go by plugin.