Share via

Removing roles, tasks, and operations

  • Article

To allow your service to be uninstalled, add a method to the "security helper" application that removes your security metadata from the Dynamics Security Service. To prevent your "security helper" application from creating inconsistencies in the security metadata, remove your security metadata in the following sequence:

• Remove operations and tasks from roles.

• Remove roles you added for your service.

• Remove tasks you added for your operations.

• Remove operations you added for your service.

The following steps describe how to use the "security helper" application to remove security metadata from the Dynamics Security Service.

  1. Add a method.

    Add a private method named Remove to the class.

    private void Remove()

{

}

  1. Specify the operation keys in the method.

    To simplify removal of operation metadata, create an array that contains the your security operation keys and task keys.

    The following code example creates an array of the operations used by the sample Leads service. Notice how the array includes the operation keys that were created by the initialization method.

    OperationKey[] opKeys = new OperationKey[5];

opKeys[0] = getByKeyOpKey; opKeys[1] = getListOpKey; opKeys[2] = deleteOpKey; opKeys[3] = createOpKey; opKeys[4] = updateOpKey;

  1. Remove tasks and operations that were added to the role.

    Retrieve the roles where you added security operations or tasks. Use the Microsoft.Dynamics.Security.RoleService object to retrieve the role. Use a role key object to specify the role.

    • For the Superuser role, remove the operation keys from the Operations collection of the role.

    • For other roles, remove the task keys from the Tasks collection of the role.

    To update the role metadata in the Dynamics Security Service, use the UpdateRole method of the Microsoft.Dynamics.Security.RoleService.

    The following code example removes operation metadata from the Superuser role of the the Dynamics Security Service. Notice how the array of operation keys specify the operations to remove.

    // Instantiate the RoleService object

RoleService roleService = RoleService.GetInstance();

Role role = roleService.GetRole(securityContext, roleKey);

// Remove the security operation from the role if it has been assigned to // the Superuser role. bool opRemoved = false;

foreach (OperationKey key in opKeys) { if (role.Operations.BinarySearch(key) >= 0) { role.Operations.Remove(key); opRemoved = true; } }

// Only update the security service when an operation is // removed from the role object. if (opRemoved == true) { roleService.UpdateRole(securityContext, role); }

  1. Remove roles (optional).

    To remove a role, use the DeleteRole method of the Microsoft.Dynamics.Security.RoleService. Use a RoleKey object to specify the role to remove. The "security helper" application for the sample Leads service does not delete any roles, so no code sample is provided for this step.

  2. Remove tasks.

    Use the DeleteTask method of the Microsoft.Dynamics.Security.TaskService to remove any tasks that you added. Use a TaskKey object to specify the task to remove.

    The following code example shows how to remove task metadata from the Dynamics Security Service.

    // Instantiate the TaskService object.

TaskService taskService = TaskService.GetInstance(); try { // Delete the specified tasks taskService.DeleteTask(securityContext, viewTaskKey); taskService.DeleteTask(securityContext, manageTaskKey); } catch (NonExistentSecurityObjectException) { // If the task does not exist, no action is needed. // Trap the error and continue. }

  1. Remove operations.

    Use DeleteOperation of the Microsoft.Dynamics.Security.OperationService to remove the security operations that you added. Use an OperationKey object to specify the operation.

    The following code example shows how to remove operation metadata from the Dynamics Security Service.

    // Instantiate an OperationService object.

OperationService opService = OperationService.GetInstance(); foreach (OperationKey key in opKeys) { try { opService.DeleteOperation(securityContext, key); } catch (NonExistentSecurityObjectException) { // If the operation does not exist, no action is needed. // Trap the error and continue. } }

  1. Add the method to Main.

    In the Main method, add statements that run the Remove method when the command line parameter is "/remove".

    The following code example shows how the remove method is called.

    if (args[0].ToLowerInvariant() == "/remove")

{ addLeads.Remove(); Console.WriteLine("The Lead operations have been removed from Dynamics GP security."); Console.WriteLine(""); }