NAV has its own built-in methods for controlling access to certain parts of the system. This recipe will show you how to create role (Permission Set) to limit that access.
- From the
RoleTailored client, navigate to Department | Administration | IT Administration | General | Permission Set. - Use the
New(Ctrl + N) action to enter a new role calledSAMPLEwith the descriptionPACKT – Sample Role. - Now with your cursor on the
SAMPLEline, click on the actionPermissions. - Let's add a permission for
Object TypeasTableDataandObject IDas18. - Set the permission as shown in the following table:
Object Type
Object ID
Read Permission
Insert Permission
Modify Permission
Delete Permission
Table Data18YesYesYesYes - After setting the permission, the NAV window will look like the following screenshot:
- Click on OK.
Roles are inserted into the system using the same shortcuts as in every other record, by using the Ctrl + N key. These roles have a short name called the Role ID and a longer description field.
Our role contains a permission that will allow the user full access to customer records. For Table Data object types, there are four permission levels that can be combined in any order. They include the ability to read, insert, modify, and delete records from this table. The fifth permission level is run or executed and is used for the other object types. The options for each of these permission levels are No, Yes, and Indirect.
In order to test this, we will need to assign the role to a user who does not already have permission to the Customer table. Once that role is assigned, the user will need to close the NAV client and reopen it in order to gain new permissions.
Permission can be defined for the following objects:
|
Object type |
Description |
|---|---|
|
|
Data stored in table |
|
|
Table object |
|
|
Page objects |
|
|
Report objects |
|
|
Codeunit objects |
|
|
XMLport object |
|
|
MenuSuite object |
|
|
Query object |
|
|
The system tables that allow the user to make backups, change license files, and so on. |