Assign a Custom Role to a User
This sample assigns a custom security role to a user.
Class Reference
Schema Reference
- role.xsd
Example
[C#]
public void AssignCustomRole()
{
// strServer should be set with the name of the platform Web server
String strServer = "MyServerName";
// strVirtualDirectory should be set with the name of the Microsoft CRM
// virtual directory on the platform Web server
String strVirtualDirectory = "mscrmservices";
// Create the URL to the SRF files for platform objects
String strDir = String.Concat("https://", strServer, "/",
strVirtualDirectory, "/");
// BizUser proxy object
Microsoft.Crm.Platform.Proxy.BizUser bizUser
= new Microsoft.Crm.Platform.Proxy.BizUser ();
bizUser.Credentials = System.Net.CredentialCache.DefaultCredentials;
bizUser.Url = String.Concat(strDir, "BizUser.srf");
// SecRole proxy object
Microsoft.Crm.Platform.Proxy.SecRole secRole
= new Microsoft.Crm.Platform.Proxy.SecRole ();
secRole.Credentials = System.Net.CredentialCache.DefaultCredentials;
secRole.Url = String.Concat(strDir, "SecRole.srf");
String strErrorMsg;
try
{
// Get the UserAuth of the currently logged on user
Microsoft.Crm.Platform.Proxy.CUserAuth userAuth = bizUser.WhoAmI();
// Build a role XML string in the business unit of the caller
// Name of the role should be unique in an organization
StringBuilder secRoleXml = new StringBuilder("<role>");
secRoleXml.Append("<name>Sales Assistant</name><businessunitid>");
secRoleXml.Append(userAuth.MerchantId.ToString());
secRoleXml.Append("</businessunitid></role>");
// Array for role IDs
String[] roleIds = new String[1];
// Create a custom role
roleIds[0] = secRole.Create(userAuth, secRoleXml.ToString());
// Array for privilege IDs
Microsoft.Crm.Platform.Proxy.CRolePrivilege[] privilegeIds
= new Microsoft.Crm.Platform.Proxy.CRolePrivilege[2];
// Get a couple of privileges to be added to this role
privilegeIds[0]
= new Microsoft.Crm.Platform.Proxy.CRolePrivilege();
privilegeIds[1]
= new Microsoft.Crm.Platform.Proxy.CRolePrivilege();
// Users can create accounts (BASIC)
privilegeIds[0].PrivilegeId
= "{D26FE964-230B-42DD-AD93-5CC879DE411E}";
privilegeIds[0].Depth
= Microsoft.Crm.Platform.Proxy.PRIVILEGE_DEPTH.BASIC;
// Users can read accounts (BASIC)
privilegeIds[1].PrivilegeId
= "{886B280C-6396-4D56-A0A3-2C1B0A50CEB0}";
privilegeIds[1].Depth
= Microsoft.Crm.Platform.Proxy.PRIVILEGE_DEPTH.BASIC;
// Add a couple of privileges to the role
secRole.AddPrivileges(userAuth, roleIds[0], privilegeIds);
// Assign the custom role to the caller user
secRole.AssignUserRoles(userAuth, userAuth.UserId, roleIds);
}
catch (System.Web.Services.Protocols.SoapException err)
{
// Process the platform error here
strErrorMsg = String.Concat("ErrorMessage: ", err.Message, " ",
err.Detail.OuterXml, " Source: ", err.Source);
}
}