Security Dependencies
Sometimes security dependencies exist because it is necessary to have more than one access right to perform a given action. For example, if you have the access right CRM_ACCESS_CREATE for accounts, you can create an account object. However, unless you also have CRM_ACCESS_READ access for accounts, you cannot create an account and be the owner of that new account. You can find the access rights enumeration in the ACCESSRIGHTS class.
The following table shows the access right dependencies for the actions specified.
Action | Access rights required |
To Create an object and be the object owner | CRM_ACCESS_CREATE
CRM_ACCESS_READ |
To Share an object | CRM_ACCESS_SHARE – required by the person doing the share operation.
CRM_ACCESS_READ – required by the person doing the share operation and also by the person with whom the object is being shared. |
To Assign an object | CRM_ACCESS_ASSIGN
CRM_ACCESS_WRITE CRM_ACCESS_READ |
To Append To an object | CRM_ACCESS_READ
CRM_ACCESS_APPENDTO |
To Append an object | CRM_ACCESS_READ
CRM_ACCESS_APPEND |
Another type of dependency exists when objects are subordinate to another object. The opportunity object cannot exist on its own. The opportunity object is always attached to an account. In this case, in order to create an opportunity, you must have the access right CRM_ACCESS_APPENDTO on accounts, as well as the access right CRM_ACCESS_APPEND on opportunities.