One of the great features in AX 2012 is that records can be versioned with date-effective policies. Human resources is a good example where many tables have this feature enabled. For example, the employee form.
In this form, we have a date-effective control that allows us to see the data at a point in time; for instance, an employee might change the name or we might enter a planned change in position. We may wish to hide this planned position change or previous name from certain roles.
The following screenshot displays the date-effective control, showing the current record version:
By clicking on the <||> icon, you can specify a date to view the data as at a specific date.
Although our human resource manager may require access to this data, other roles may need to be restricted.
We need to log in to AX as a system administrator. We also need to know which roles are to be restricted. In this recipe, we are restricting roles that have the Inquire into workers and Maintain worker master duties.
This was determined by searching through the security privileges form for the text worker master, and noting the roles with that duty from the Roles with selected duty fact pane.
The roles in this case that should have restrictive date effectiveness are as follows:
- Payroll administrator
- Payroll manager
- Recruiter
We can do this by performing the following steps:
- Open the Security roles form by navigating to System administration | Setup | Security.
- Locate the first role (Payroll administrator) to restrict the date effectiveness records; right-click on the role, and click on Date effective policies for role.
- In this form, change the Expired data field to No access (the default is always Full control, which means no restriction), as shown in the following screenshot:
- Click on Close to save the changes.
By adjusting the date effectiveness policy, you affect all records that have date effectiveness enabled are displayed. So, in this example, we didn't just deny access to expired data in the Employee table, we did this for all data that the role can access. This includes the expired Logistics postal address records.
This may not be a practical issue, except for one scenario: the address on the sales order.
The addressing in AX is based on a location (for example, a customer's primary delivery address), and that location can have a postal address, contact details, and other address-specific information (delivery calendar). The postal address is date effective, so if the customer changes the delivery address (moves warehouse) the location is the same, just the address changes.
When you create a sales order, the postal address is attached to the order, which means that the orders in the system will be sent to the address they were created with and new orders will go to the new address. All is well, except if we enable the date effective policy for expired data. The expired data will be hidden from the users whose roles deny access to the expired data.