
サンプル: フィールドのアクセス許可の取得


公開日: 2016年11月

対象: Dynamics CRM 2015

このサンプル コードは、Microsoft Dynamics CRM 2015 および Microsoft Dynamics CRM Online 2015 更新プログラム 向けです。 Microsoft Dynamics CRM SDK パッケージをダウンロードします。 このサンプル コードは、ダウンロード パッケージの次の場所にあります。



この SDK で提供するサンプル コードを実行するために必要な要件については、「サンプルとヘルパー コードの使用」を参照してください。


このサンプルは、フィールド セキュリティ エンティティで説明されている手順に従って、ユーザーがセキュリティで保護されたフィールドを取得する方法を示しています。

// Connect to the Organization service. 
// The using statement assures that the service proxy will be properly disposed.
using (_serviceProxy = new OrganizationServiceProxy(serverConfig.OrganizationUri, serverConfig.HomeRealmUri,serverConfig.Credentials, serverConfig.DeviceCredentials))
    // This statement is required to enable early-bound type support.


    // Create Field Security Profile.
    FieldSecurityProfile managersProfile = new FieldSecurityProfile();
    managersProfile.Name = "Managers";
    _profileId = _serviceProxy.Create(managersProfile);
    Console.Write("Created Profile, ");

    // Add team to profile.
    AssociateRequest teamToProfile = new AssociateRequest()
        Target = new EntityReference(FieldSecurityProfile.EntityLogicalName,
        RelatedEntities = new EntityReferenceCollection()
            new EntityReference(Team.EntityLogicalName, _teamId)
        Relationship = new Relationship("teamprofiles_association")

    // Add user to the profile.
    AssociateRequest userToProfile = new AssociateRequest()
        Target = new EntityReference(FieldSecurityProfile.EntityLogicalName,
        RelatedEntities = new EntityReferenceCollection()
            new EntityReference(SystemUser.EntityLogicalName, _userId)
        Relationship = new Relationship("systemuserprofiles_association")

    // Create custom activity entity.
    CreateEntityRequest req = new CreateEntityRequest()
        Entity = new EntityMetadata
            LogicalName = "new_tweet",
            DisplayName = new Label("Tweet", 1033),
            DisplayCollectionName = new Label("Tweet", 1033),
            OwnershipType = OwnershipTypes.UserOwned,
            SchemaName = "New_Tweet",
            IsActivity = true,
            IsAvailableOffline = true,
            IsAuditEnabled = new BooleanManagedProperty(true),
            IsMailMergeEnabled = new BooleanManagedProperty(false),
        HasActivities = false,
        HasNotes = true,
        PrimaryAttribute = new StringAttributeMetadata()
            SchemaName = "Subject",
            LogicalName = "subject",
            RequiredLevel = new AttributeRequiredLevelManagedProperty(
            MaxLength = 100,
            DisplayName = new Label("Subject", 1033)
    Console.Write("Entity Created, ");

    // Add privileges for the Tweet entity to the Marketing Role.
    RolePrivilege[] privileges = new RolePrivilege[3];

    // SDK: prvCreateActivity
    privileges[0] = new RolePrivilege();
    privileges[0].PrivilegeId = new Guid("{091DF793-FE5E-44D4-B4CA-7E3F580C4664}");
    privileges[0].Depth = PrivilegeDepth.Global;

    // SDK: prvReadActivity
    privileges[1] = new RolePrivilege();
    privileges[1].PrivilegeId = new Guid("{650C14FE-3521-45FE-A000-84138688E45D}");
    privileges[1].Depth = PrivilegeDepth.Global;

    // SDK: prvWriteActivity
    privileges[2] = new RolePrivilege();
    privileges[2].PrivilegeId = new Guid("{0DC8F72C-57D5-4B4D-8892-FE6AAC0E4B81}");
    privileges[2].Depth = PrivilegeDepth.Global;

    // Create and execute the request.
    AddPrivilegesRoleRequest request = new AddPrivilegesRoleRequest()
        RoleId = _roleId,
        Privileges = privileges
    AddPrivilegesRoleResponse response =

    // Create custom identity attribute.
    CreateAttributeRequest attrReq = new CreateAttributeRequest()
        Attribute = new StringAttributeMetadata()
            LogicalName = "new_identity",
            DisplayName = new Label("Identity", 1033),
            SchemaName = "New_Identity",
            MaxLength = 500,
            RequiredLevel = new AttributeRequiredLevelManagedProperty(
            IsSecured = true
        EntityName = "new_tweet"
    CreateAttributeResponse identityAttributeResponse =
    _identityId = identityAttributeResponse.AttributeId;
    Console.Write("Identity Created, ");

    // Create custom message attribute.
    attrReq = new CreateAttributeRequest()
        Attribute = new StringAttributeMetadata()
            LogicalName = "new_message",
            DisplayName = new Label("Message", 1033),
            SchemaName = "New_Message",
            MaxLength = 140,
            RequiredLevel = new AttributeRequiredLevelManagedProperty(
            IsSecured = true
        EntityName = "new_tweet"
    CreateAttributeResponse messageAttributeResponse =
    _messageId = messageAttributeResponse.AttributeId;
    Console.Write("Message Created, ");

    // Create field permission object for Identity.
    FieldPermission identityPermission = new FieldPermission();
    identityPermission.AttributeLogicalName = "new_identity";
    identityPermission.EntityName = "new_tweet";
    identityPermission.CanRead = new OptionSetValue(FieldPermissionType.Allowed);
    identityPermission.FieldSecurityProfileId = new EntityReference(
        FieldSecurityProfile.EntityLogicalName, _profileId);
    _identityPermissionId = _serviceProxy.Create(identityPermission);
    Console.Write("Permission Created, ");

    // Create list for storing retrieved profiles.
    List<Guid> profileIds = new List<Guid>();

    // Build query to obtain the field security profiles.
    QueryExpression qe = new QueryExpression()
        EntityName = FieldSecurityProfile.EntityLogicalName,
        ColumnSet = new ColumnSet("fieldsecurityprofileid"),
        LinkEntities =
            new LinkEntity
                LinkFromEntityName = FieldSecurityProfile.EntityLogicalName,
                LinkToEntityName = SystemUser.EntityLogicalName,
                LinkCriteria = 
                    Conditions = 
                        new ConditionExpression("systemuserid", ConditionOperator.Equal, _userId)

    // Execute the query and obtain the results.
    RetrieveMultipleRequest rmRequest = new RetrieveMultipleRequest()
        Query = qe

    EntityCollection bec = ((RetrieveMultipleResponse)_serviceProxy.Execute(

    // Extract profiles from query result.
    foreach (FieldSecurityProfile profileEnt in bec.Entities)
    Console.Write("Profiles Retrieved, ");

    // Retrieve attribute permissions of a FieldSecurityProfile.
    DataCollection<Entity> dc;

    // Retrieve the attributes.
    QueryByAttribute qba = new QueryByAttribute(FieldPermission.EntityLogicalName);
    qba.AddAttributeValue("fieldsecurityprofileid", _profileId);
    qba.ColumnSet = new ColumnSet("attributelogicalname");

    dc = _serviceProxy.RetrieveMultiple(qba).Entities;
    Console.Write("Attributes Retrieved. ");



Microsoft Dynamics CRM 2015 で、フィールド セキュリティを使用してフィールド値へのアクセスを制御する方法
フィールド セキュリティ エンティティ

