Codeunit "User Permissions"
Exposes functionality to check if a user has SUPER permissions set assigned as well as removing such permissions set from a user.
Properties
| Name | Value |
|---|---|
| Access | Public |
| InherentEntitlements | X |
| InherentPermissions | X |
Methods
IsSuper
Checks whether the user has the SUPER permissions set.
procedure IsSuper(UserSecurityId: Guid): BooleanParameters
| Name | Type | Description |
|---|---|---|
| UserSecurityId | Guid |
The security ID assigned to the user. |
Returns
| Type | Description |
|---|---|
| Boolean |
True if the user has the SUPER permissions set. Otherwise, false. |
CanManageUsersOnTenant
Checks whether the user has permission to manage users in the tenant.
procedure CanManageUsersOnTenant(UserSecurityId: Guid): BooleanParameters
| Name | Type | Description |
|---|---|---|
| UserSecurityId | Guid |
The security ID of the user to check for. |
Returns
| Type | Description |
|---|---|
| Boolean |
True if the user with the given user security ID can manage users on tenant; false otherwise. |
HasUserPermissionSetAssigned
Checks whether a user has a specific permission set assigned.
procedure HasUserPermissionSetAssigned(UserSecurityId: Guid, Company: Text, RoleId: Code[20], Scope: Option, AppId: Guid): BooleanParameters
| Name | Type | Description |
|---|---|---|
| UserSecurityId | Guid |
The user's security ID. |
| Company | Text |
The company for which to check |
| RoleId | Code[20] |
The ID of the permission set. |
| Scope | Option |
The scope of the permission set. System or tenant. |
| AppId | Guid |
The app ID of the permission set. |
Returns
| Type | Description |
|---|---|
| Boolean |
True if the user has permission sets assigned. |
AssignPermissionSets
Assign a permission set to a given user
procedure AssignPermissionSets(var UserSecurityId: Guid, CompanyName: Text, var AggregatePermissionSet: Record "Aggregate Permission Set")Parameters
| Name | Type | Description |
|---|---|---|
| UserSecurityId | Guid |
The user's security ID. |
| CompanyName | Text |
The user's security ID. |
| AggregatePermissionSet | Table System.Security.AccessControl."Aggregate Permission Set" |
Permission sets to assign |
GetEffectivePermission
Gets the effective permissions for the current user in the current company.
procedure GetEffectivePermission(PermissionObjectType: Option, ObjectId: Integer): Record "Expanded Permission" temporaryParameters
| Name | Type | Description |
|---|---|---|
| PermissionObjectType | Option |
The object type to check for. |
| ObjectId | Integer |
The object ID to check for. |
Returns
| Type | Description |
|---|---|
| Table System.Security.AccessControl."Expanded Permission" |
Returns the effective permissions in a temporary expanded permission record. |
Examples
local procedure VerifyIndirectDeletePermission(TableId: Integer): Boolean var TempDummyExpandedPermission: Record "Expanded Permission" temporary; UserPermissions: Codeunit "User Permissions"; begin TempDummyExpandedPermission := UserPermissions.GetEffectivePermission(TempDummyExpandedPermission."Object Type"::"Table Data", TableId); exit(TempDummyExpandedPermission."Delete Permission" = TempDummyExpandedPermission."Delete Permission"::Indirect) end;