Security Role Properties

[アーティクル]
05/18/2015

Applies To: Microsoft Dynamics AX 2012 R3, Microsoft Dynamics AX 2012 R2, Microsoft Dynamics AX 2012 Feature Pack, Microsoft Dynamics AX 2012

In Microsoft Dynamics AX, roles represent a collection of permissions, which can be granted to users. The nodes that are nested underneath each role node identify various securable objects that a user can access. And the nested nodes specify the level of access.

Role Node in the AOT

Roles are used to give access to securable objects. The following list shows the hierarchy of role nodes in the AOT:

Security
- Roles
  - YourRole
    - Duties
    - Privileges
    - Permissions
      - Tables
      - Forms
      - Server Methods
    - Sub Roles

Roles are typically associated with security duties, and sometimes, security privileges. Access levels to securable objects within a role are derived from the duties, privileges, or both. Roles can also override the access levels to securable objects under the Permissions node.

Role Properties

This section describes the properties for the AOT node at Security > Roles > YourRole.

Property	Required	Description
Name	Yes	The name of the role.
Label	Yes	The text that appears on the user interface for the role.
Description	Yes	The description of the role.
Enabled	Yes	The enable value. This field can contain one of these values: Yes. Enable the role. No. Disable the role.
PastDataAccess	Yes	Specifies the past data access for the tables with date effective fields. The value can be one of the following: Read Update Create Correct Delete NoAccess The permission values for the PastDataAccess property represent a hierarchy. Read is the weakest permission, and Delete is the strongest. Delete permission includes every other permission. Create permission includes Update and Read. You can set the permission value to NoAccess to prevent all access to the table.
CurrentDataAccess	Yes	Specifies the current data access for the tables with date effective fields.
FutureDataAccess	Yes	Specifies the future data access for the tables with date effective fields.
ContextString	Optional	A user-defined string that can be used by security policies.

Duty Properties

This section describes the properties for the AOT node at Security > Roles > Duties > YourDuty.

Property	Required	Description
Name	Yes	The name of the duty.
Enabled	Yes	The enable value. The value can be one of the following: Yes. Enables the duty. No. Disables the duty.

Name

Yes

The name of the duty.

Enabled

Yes

The enable value. The value can be one of the following:

Yes. Enables the duty.
No. Disables the duty.

Privilege Properties

This section describes the properties for the AOT node at Security > Roles > Privileges > YourPrivilege.

Property	Required	Description
Name	Yes	The name of the privilege.
Enabled	Yes	The enable value. The value can be one of the following: Yes. Enables the privilege. No. Disables the privilege.

Name

Yes

The name of the privilege.

Enabled

Yes

The enable value. The value can be one of the following:

Yes. Enables the privilege.
No. Disables the privilege.

Table Properties

This section describes the properties for the AOT node at Security > Roles > Permissions > Tables > YourTable.

Property	Required	Description
Table	Yes	The name of the table.
EffectiveAccess	Yes	The permission value. The value can be one of the following: Read Update Create Correct Delete NoAccess The permission values for the EffectiveAccess property represent a hierarchy. Read is the weakest permission, and Delete is the strongest. Delete permission includes every other permission. Create permission includes Update and Read. You can set the permission value to NoAccess to prevent all access to the table.
ManagedBy	Optional	This property is reserved for use by automation tools.

Table

Yes

The name of the table.

EffectiveAccess

Yes

The permission value. The value can be one of the following:

Read
Update
Create
Correct
Delete
NoAccess

The permission values for the EffectiveAccess property represent a hierarchy. Read is the weakest permission, and Delete is the strongest. Delete permission includes every other permission. Create permission includes Update and Read. You can set the permission value to NoAccess to prevent all access to the table.

ManagedBy

Optional

This property is reserved for use by automation tools.

Form Properties

This section describes the properties for the AOT node at Security > Roles > Permissions > Form > YourForm.

Property	Required	Description
Form	Yes	The name of the form.

Server Method Properties

This section describes the properties for the AOT node at Security > Roles > Permissions > Server Methods > YourServerMethod.

Property	Required	Description
Class	Yes	The name of the server class.
Method	Yes	The name of the secure server method tagged with the SysEntryPointAttribute attribute.
EffectiveAccess	Yes	The permission value. The value can be one of the following: Invoke. The server method can be called. NoAccess. The server method cannot be called.
ManagedBy	Optional	This property is reserved for use by automation tools.

Sub Role Properties

This section describes the properties for the AOT node at Security > Roles > Sub Roles > YourSubRole.

Property	Required	Description
Name	Yes	The name of the subrole.
Enabled	Yes	The enable value. The value can be one of the following: Yes. Enables the subrole. No. Disables the subrole.

Name

Yes

The name of the subrole.

Enabled

Yes

The enable value. The value can be one of the following:

Yes. Enables the subrole.
No. Disables the subrole.

次の方法で共有

Security Role Properties

Role Node in the AOT

Role Properties

Duty Properties

Privilege Properties

Table Properties

Form Properties

Server Method Properties

Sub Role Properties

See also

その他のリソース