Modifier

Partager via


AppSourceCop Warning AS0103

Table definitions must have a matching permission set.

Description

Table definitions must have a matching permission set.

Remarks

To prevent runtime issues caused by missing permissions, all table definitions in your extension must be included in a permission set.

How to fix this diagnostic?

Permissions can be defined either by using XML, or by using AL permission set objects.

To generate XML permission sets, you can use the dedicated command in Visual Studio Code:

  1. Select Ctrl+Shift+P to open the command palette.
  2. Select AL: Generate permission set containing current extension objects. This will generate the XML permission set for your extension.
  3. Rebuild your extension by selecting Ctrl+Shift+B to package the permission set with your extension.

For more information about AL permission sets, see Permission Set Object.

Code examples not triggering the rule

For the following example, let's consider an extension that has the following source code:

table 50100 MyTable
{
    fields
    {
        field(1; MyField; Integer) { }
    }
}

Example 1 - Permission defined in XML

<?xml version="1.0" encoding="utf-8"?>
<PermissionSets>
  <PermissionSet RoleID="ALPROJECT15" RoleName="ALProject15">
    <Permission>
      <ObjectID>50100</ObjectID>
      <ObjectType>0</ObjectType>
      <ReadPermission>1</ReadPermission>
      <InsertPermission>1</InsertPermission>
      <ModifyPermission>1</ModifyPermission>
      <DeletePermission>1</DeletePermission>
      <ExecutePermission>0</ExecutePermission>
      <SecurityFilter />
    </Permission>
  </PermissionSet>
</PermissionSets>

The XML permission set grants access to the table and thereby satisfies the validation. However, the XML approach is discouraged by the AppSourceCop rule AS0094, in which it is recommended instead to use the AL Permission Set object (see Example 2).

Example 2 - Permission defined in AL

permissionset 50100 MyPermissionSet
{
    Assignable = true;
    Permissions = tabledata MyTable = RIMD;
}

The AL permission set grants access to the table and thereby satisfies the validation.

Note

You can grant access to all your tables using *. For instance tabledata * = R; grants read access to all of them.

AppSourceCop Analyzer
Get Started with AL
Developing Extensions