Role-based security in Dynamics 365 for Operations. Export security changes and Security diagnostics tool.

As we know from my previous post we can create security artifacts from Visual Studio and user interface. Now we want to deploy them. All objects created in VS could be deployed via deployable package, there is no difference with any code you created. Changes done from UI could be deployed as data via data package. Out of the box we have three data entity to work with security customizations:

SecurityCustomizationEntities.jpg

In the export file for duty customization we will get duty name and xml object contains all privileges assigned to the duty. Other two (roles and privileges) have similar structure.

ExportedDutyChanges.jpg

ExportedDutyChangesXML.jpg

That’s a big improvement in security setup, because in AX 2012 it was hard to track what changes were done in test environment and should be transferred to live.

Security diagnostics tool

To easy the problem of security setup in AX 2012 we have Security Development Tool, unfortunately, it’s not available in current version (Microsoft is working on the replacement). However, there is another useful tool – Security diagnostics tool.

Each form in AX has “Options” tab on the action pane where you can find “Security diagnostics” button. It shows you a list of all roles, duties and privileges that grant access to current form. Using buttons on the top of the dialog you can add role to specific user, duty to specific role or privilege to specific duty to quickly grant access to current form.

SecurityDiagnosticsFromForm.jpg

Using task recorder to setup security.

Task recorder  has been re-built in current release and could be used in different scenarios apart of actual task recording. One of them is security setup, now you can analyse task recording with Security diagnostics tool.

Create task recording.

taskrecorder

taskrecordersteps

Save it.

taskrecordersavesteps

Go to System administrations -> Security -> Security diagnostics for task recordings and open saved recording.

SecurityDiagnosticsOpenRecording.jpg

As the result you will see all menu items involved. When you select user AX shows if he already has permission to entry points.

SecurityDiagnosticsSelectUser.jpg

“Add reference” button will open you Security diagnostics dialog, exactly the same we saw using Security diagnostics tool, where you can do all the setup.

SecurityDiagnosticsAddtoUsersRole.jpg