Reputation: 18895
How to Enabled a single field for update for a particular role in CRM 2011
What I need
I have a custom Entity with that with multiple fields. Admin Role has "god" access. All other roles except for one have read only. The one non admin role with update access, should only be able to update a single field.
What I believe to be true
I believe I have three main options to implement this requirement:
- Enable Update Access to the role for that entity then write Javascript to disable all fields on the form for that role, except for the one that I want that role to be able to edit
- Enable Update Access to the role for that entity then create a new form that disables all fields on the form for that role, except for the one that I want that role to be able to edit.
- Enable Update Access to the role for that entity then turn on field security for each field, disabling access using the field security, for each field except for the one I want them to edit.
What's the Best Practice?
What options should I choose?
If I go with options 1 or 2, will the user be able to edit the field on the bulk edit form?
Upvotes: 1
Views: 2547
Answers (2)
Reputation: 1467
2 is most likely best, or as an alternative put the fields in the header or footer rather than as read-only fields on the form.
This also means the fields won't be available to bulk edit, but other methods such as data import or workflows would let users get round this if they know how and have rights to do such things.
3 Field Security is the most robust and works for all scenarios
Possible option 4: create another entity to contain those fields and apply different security to that entity. If created as a child, show the record in a grid on the form with the values included in the view. If it is a parent then you could use methods such as showing the values via an HTML webresource page included on the form.
Upvotes: 1
Reputation: 4686
- From a user perspective, I think it's confusing when a form opens up with things enabled, then they get locked down. Plus someone could possibly get data in there before the fields get locked. I'd say you'd have to combine this with a plugin to prevent changing fields you don't want changed.
- I like this option better, although again, the field can be unlocked if someone knows what they're doing, so a plugin to double check would be nice.
- This would avoid having to double check in a plugin, but you also have to rely on the admin correctly setting up security for new fields going forward. If that's not a concern, this might be best.
Bulk edit is a global privilege, so they'd have bulk edit for all entities. Also, the bulk edit form does not load scripts, so that knocks out option 1. I'd say if it's just this one field, I might leave the privilege locked down and provide my own Bulk edit button on the grid that would show a custom page that just has that one field on it, then handle the updates though script.
Upvotes: 3
Related Questions
- Update only some fields in a Microsoft Dynamics entity
- Dynamics CRM 2016 Plugin triggered when user role assignments are changed
- Can i make a field editable for a specefic role "System Administrator" if the field type is calculated in the form
- Unable to update field security profile for a attribute in crm 2011
- How to lock a field based on user role?
- How can I update the roles for a given list of users?
- CRM 2011 Security roles - edit many at once?
- Update CRM 2011 Access Right Programmatically
- How to make an entity update its own field
- Microsoft CRM 4.0: How to set "valid for update" = 0 for attribute?