Microsoft Dynamics NAV allows you to specify record-level security using the Security Filters
field on Permissions
. Here we will discuss how to set up these filters and some pitfalls to watch out for when using them.
RoleTailored client
, navigate to Department | Administration | IT Administration | General | Permission Set.Security Filter
field of Object ID 5200
to a filter based on City
equal to 'Cambridge'.
Name |
Type |
Subtype |
---|---|---|
|
|
|
OnRun
trigger of the codeunit:Employee.SETPERMISSIONFILTER; PAGE.RUNMODAL(0, Employee);
Employee
variable:We can limit the records, which the user can see in a table, using the Security Filter option. This attribute is assigned in a way similar to the read/insert/modify/delete
attributes in the Permissions
window for a Role
.
If the user opens a page, these filters will automatically be applied. This is not the case, though, when the page is opened through the code. In these cases you must call the SETPERMISSIONFILTER
function on the Record
variable that is passed to the page.
When used correctly, security filters can be of great use when setting up permissions. On the other hand, they can also cause a lot of headaches.
For example, let's imagine a manager who needs to view the General Ledger
entries to make sure his department is not going over budget. He should be able to view the entries only in the accounts that relate directly to his department. This seems like a great use for security filters. But what about all the other General Ledger
entries that are created when he posts the documents? Tax and VAT are great examples. That security filter will not allow him to post those accounts and he will receive errors during posting.
Be careful when and how you use this type of security. If you apply a security filter to a Customer
permission, don't just open the Custom List page to test it out. As with all the security pages, you will want to test your code extensively to make sure that you do not introduce any problems into the system.
3.147.83.8