In any software product, the aspect of Security perhaps plays the most important part. In Microsoft Dynamics 365 - Customer Engagement too, the developers must ensure that there are no security breaches when it comes to making configurations and customizations.
In this blog, we are going to learn how a CE developer can hide or display a Ribbon button depending on what the Entity Privileges are in the Security Roles assigned to the signed-in user. Let us consider the following real-time scenario:
There needs to be a custom Ribbon Button on the Case main form labeled – Under Review, on click of which the status of the Case record gets updated to Reviewing. But this button must be visible to only those users who have a ‘Write’ privilege to the Case entity in any of their assigned security roles. For others, the button must be kept hidden.
1. A valid Dynamics-365 CRM Instance
2. Ribbon Workbench – To create and edit our custom ribbon buttons.
Aegis Softtech will assist your organization’s systems with the best configurations. Reach out to us for specific requirements.
The latest version can be downloaded from the official website – https://www.develop1.net/public/rwb/ribbonworkbench.aspx
2. Add a custom button labeled “Under Review” on the Case entity’s main form in the Ribbon Workbench. Add the created JS web-resource as the command to this button.
3. Add a Display Rule to the command wherein we specify that the button would be visible only to the users with at least one assigned security role having the Write privilege to the incident entity. Refer to the screenshot below.
4. Publish these customizations in the Ribbon Workbench.
I. Open a case record as a system administrator. You must be able to see our button.
II. Navigate to the Admin Center and create a Dummy User.
III. Create a custom security role that has only Read entity privilege (NOT Write) to the case entity.
IV. Assign the security role created above to the Dummy User. [Note - To allow the Dummy User to successfully login, we assign one more basic security role like Common Data Service User (having no privilege to the Case entity)].
V. Finally, login to CE as the Dummy User and verify if our custom button – Under Research is hidden.
Hence, we comprehensively learned in this blog how we can hide or display a Ribbon Button based on the signed-in user’s Cyber security consulting services privileges, without having to write any code.
See you in my next blog! Take care and stay safe!