Walkthrough: Using Roles and Privileges to Control Access to Forms
Applies To: Microsoft Dynamics AX 2012 R3, Microsoft Dynamics AX 2012 R2, Microsoft Dynamics AX 2012 Feature Pack, Microsoft Dynamics AX 2012
You can use the Application Object Tree (AOT) to create roles and privileges to control access to forms.
Setup
In implementing this walkthrough you must act as a developer, a system administrator, and an application user as described in the following table.
Role |
Description |
|---|---|
Developer |
The developer does the following:
|
System administrator |
The system administrator assigns an application user to the test role. |
Application user |
The application user does the following:
|
Create a Form and a Menu Item
You can create a form and a menu item by following these steps:
Under AOT > Forms, create a form that is named MyNewForm.
For information on how to create a form, see Walkthrough: Creating a Form by Using the AOT.
Under AOT > Menu Items, create a menu item named MyMenuItem for this form.
For information on how to create a menu item, see How to: Create Menus and Menu Items.
Add the menu item you created to one of the existing Menus. For example, you can add it to AOT > Menus > Home > Common.
The following figure shows the form and the menu item that you create in this walkthrough.
.jpg "The form and menu item that you create.")
The form and menu item that you create.
Create a Privilege and an Entry Point
You can create a privilege and an entry point for MyMenuItem by following these steps:
Create a privilege that is named MyNewPrivilege.
Expand AOT > Security > Privileges > MyNewPrivilege.
Add an entry point that is named MyNewEntryPoint. You do this by right-clicking the Entry Points node, and then clicking New Entry Point.
In the Properties window for the new entry point, do the following:
Set the Name property to MyNewEntryPoint.
Make the ObjectType of the entry point be MenuItemDisplay.
Make the ObjectName of the entry point be MyMenuItem.
Set the AccessLevel of the entry point to Read.
Create a Test Role
To properly test your form as an application user, you must create a test role. You can create a test role by following these steps:
Create a test role for an application user that is named TestRole.
Expand AOT > Security > Roles > TestRole > Privileges.
Add MyNewPrivilege privilege to the Privileges node of TestRole.
The following figure shows a test role with a privilege that you create in this walkthrough.
.jpg "A test role with a privilege")
The test role with a privilege that you create.
Test Your Form
At this point in this walkthrough you have created your form, the menu item for your form, and the test role. Now you are ready to test the access to your form for an application user.
You can test your form by following these steps:
Manually assign an application user to the TestRole by using the System administration form.
For information on how to assign a user to a role, see Assign users to security roles.
Log on the system as an application user.
The Workspace window of an application user will contain the menu item MyMenuItem.
You should be able to open MyNewForm by clicking on MyMenuItem.
Log off the system as an application user.
Manually remove TestRole from an application user using the System administration form.
Log on the system as an application user again.
The Workspace window of an application user will no longer contain the menu item MyMenuItem.
See also
Security Permissions for Securable Objects in the AOT
Announcements: New book: "Inside Microsoft Dynamics AX 2012 R3" now available. Get your copy at the MS Press Store.