Show/Hide ribbon button based on Security Role without writing code in Dynamics 365 CE?

Recently I have seen in a community post, there was a requirement to show/hide opportunity “Close as won” and “Close as lost” button based on user security role without writing any code. Ideally in this scenario we basically retrieve the user role name using web API and then based on that we return true/false to show/hide the button using ribbon workbench enable rule. But now days as you may know that most of the browser deprecated Synchronous call and reason why we are following some alternate options like here Andrew Butenko’s mentioned his blog, Thanks to Andrew for his blog and its really useful when you need to do an API call.

I thought why not we do this without writing code? and can we avoid hard-coded roles name in the code to make it more configurable way? is this possible? yes, it is possible without writing code and you can easily avoid hard-coded check instead give permission in the security roles, but for that we need to first be sure which access we will be used to show/hide button in the security role. There are two way we can do this .

  • Using Miscellaneous Privilege in security roles.
  • Using Entity privilege.

Using Miscellaneous Privilege in security roles.

You may be thinking why I have first chosen Miscellaneous privilege? Yes, because most of our non-System Admin Dynamics 365 user not using all the miscellaneous privilege and for them certain Miscellaneous access is useless unless they have System Administrator role. And using Entity Privilege Rule you need to depend on another entity access, in that case you need to create a dummy entity, or you need use some unused entity privilege for that. So, to avoid maintain additional entity, I have used here Miscellaneous privilege rules under display rules.

In my scenario my user assigned to “Sales Manager” security role and I don’t want that he will be able close opportunity as won. As I mentioned that for “Sales Manager” Security role is not a System Administrator and should not have most of miscellaneous privilege. So here you can see user does not have “Publish Duplicate Detection Rules”.

img1

Now lets open Ribbon workbench with opportunity entity. To do that you must create a solution and then include opportunity entity over there. Now open the solution using ribbon workbench. Find the button and click on “Customize Button” and then again right click on the button and click on “Customize Command”.

img2
img3

Once you do that, you can see   Display Rules for the button.

Right click to add Display Rule –

img4

Now in the Add Step choose “MiscellaneousPrivilgeRule”.

img5

Now here are the rule details which I have set –

img6

I have set here “Duplicate Detection” privilege depth “Basic” which means user with minimum access   “Basic” on duplicate detection can see the “Won” button.

Now associate rules to the command, and then publish.

img7

Now user having access “Sales Manager” login into Dynamics 365 and open an opportunity see “Close as won” button is not showing.

img8

Similarly, to bring back button for other user make sure you need to provide Miscellaneous privilege “Publish Duplicate Detection Rules” at least user level access to other security roles.

Using Entity privilege.

I don’t want to get into the details about entity privilege rules here , as the name suggest that you can show hide button based on certain entity privilege depth and type. This is a very useful features in Dynamics 365. You just need to define one entity depending on the privilege type/depths you can show hide the button. For example, lets suppose you want to hide if user does not have any access on “new_tesentity”, you can do create following rule.

img9

You can go ahead and check my next post to get more details about EntityPrivilegeRule.

And finally, please note that this is one of workaround, and you must choose Miscellaneous Privilege very carefully  and don’t forget to give other user access so that other user may not loose any expected functionality. If you think that you are ready to maintain additional entity you  can always go with create a new entity and use “EntityPrivilegeRule” under display rule.

Hope this useful for you!!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s