Building cumulative security roles
The Dynamics 365 authorization mechanism is comprehensive and flexible. One of its greatest features is its capability to provide users with cumulative privileges as more security roles are added.
In this recipe we will build three cumulative roles: a base role that every user logging in through the web user interface must have, a read role, and a write role. The union of all three roles will enable users to read/write account and contact entities.
Getting ready
As per most recipes in this chapter, a Packt
solution to store your configuration is recommended but not mandatory. You will also need the correct privileges to configure the security roles. Typically, a System Administrator role is used to configure security roles, as the role includes all the necessary privileges required to 'transfer' those privileges into a role. However, the main security privilege required is CRUD to security roles located under Business Management |
Entity
in security roles...