Microsoft Dynamics AX 2012 Security Policies Extensible Data Security (XDS)- Create a Policy Query
In a previous article we learned high level detail of Security policies for Extensible Data Security. In this article, we will discuss in detail how to create a security policy limiting users from viewing other users prospects. In some sales environments, sales people closely guard their prospect information, and they do not want other sales people to view their prospects data.
- A prospect is stored in the smmBusRelTable.
- The person who is responsible for the prospect is stored in the MainContactWorker field.
- An employee is connected to the current user through the DirPerson and DirPersonUsertables.
There are two stages in creating the XDS policy:
-
- Policy query
- Security policy.
In this article we will cover Policy Query:
The follows are the steps to create the policy query:
-
- In the AOT open two AOT Nodes
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/0825.1.jpg
2. Create a new query in AOT, rename it to HcmSalesUser.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/5732.2.jpg
3. From a second AOT, locate the table Data Dictionary > Tables >HcmWorker.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/8168.3.jpg
4. Drag the table HcmWorker to the Data Souces node of the query HcmSalesUser.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/5584.4.jpg
5. In the property sheet of the Fields node of the HcmWorker_1 data source, set the Dynamic property to Yes.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/1447.5.jpg
6. From the second AOT, locate the table Data Dictionary > Tables >DirPerson.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/5488.6.jpg
7. Drag the table DirPerson to the Data Sources node of the HcmWorker_1 data source.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/3175.7.jpg
8. In the property sheet for the DirPerson_1 data source, set the Relations property to Yes.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/0537.8.jpg
9. In the property sheet for the Fields node of the DirPerson_1 data source, set the Dynamic property to Yes.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/1778.9.jpg
10. From the second AOT, drag the table DirPersonUser to the Data Sources node of the DirPerson_1 data source.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/10.jpg
11. In the property sheet for the DirPersonUser_1 data source, set the Relations property to Yes.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/11.jpg
12. In the property sheet for the Fields node of the DirPersonUser_1 data source, set the Dynamic property to Yes.
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/12.jpg
13. Right-click the Ranges node of the DirPersonUser_1 data source, and select New Range.
14. In the property sheet for the new range, set the Field property to User, and the Value property to (currentUserId()).
https://community.dynamics.com/resized-image.ashx/__size/550x0/__key/communityserver-blogs-components-weblogfiles/00-00-00-09-91/13_2D00_Ranges.jpg
15. Save your changes to the query.
Further we will cover Security Policy in detail!