Documents

Ax2012 Enus Devii 06

Description
Chapter 6: Security for Developers 6-1 CHAPTER 6: SECURITY FOR DEVELOPERS Objectives The objectives are: ã Set permissions on application elements. ã Design and create security policies. ã Secure unsafe Application Programming Interfaces (APIs) using the Code Access Security framework. ã Authenticate data returned from display methods. Introduction This chapter introduces some more advanced security features of Microsoft Dynamics AX. Microsoft Official Training Material
Categories
Published
of 12
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Related Documents
Share
Transcript
  Chapter 6: Security for Developers 6-1 CHAPTER 6: SECURITY FOR DEVELOPERS Objectives The objectives are: ã   Set permissions on application elements. ã   Design and create security policies. ã   Secure unsafe Application Programming Interfaces (APIs) using the Code Access Security framework. ã   Authenticate data returned from display methods. Introduction This chapter introduces some more advanced security features of Microsoft Dynamics AX.  Development II in Microsoft Dynamics ®  AX 2012 6-2 Permissions The Development I in Microsoft Dynamics AX 2012 training course discussed roles duties and privileges. These security levels cover access to single elements, for example forms, and groups of elements needed to perform a duty. A developer is responsible for defining more granular security levels by setting access on tables and controls in a form, or by associating classes that perform an action with a permission. Form Permissions Each form in the Application Object Tree (AOT) has a permissions node that contains either four or five sub-nodes - Read, Update, Create, Delete and Correct. Correct is only displayed if a table in the form has Date Effective data. Under these nodes are four additional nodes - Controls, Tables, Server Methods and Associated Forms. When a table is added to a form data source, the table is automatically added to the Tables node for each of the Permissions sub-nodes. Each of the nodes under the Tables node has an EffectiveAccess  property which sets what access is allowed to the table The EffectiveAccess  property is automatically set based on properties on the data source. If the data source property AllowDelete  is set to No , the EffectiveAccess  property is set to Update . If the data source property AllowEdit is set to No , the EffectiveAcces  property is set to Read . FIGURE 6.1 EFFECTIVE ACCESS IN THE VENDOR INVOICE JOURNAL FORM To set access for a control in the form, set the Securable  property on the control to Yes . The control can then be added to the Controls  node under each of the  permissions nodes.  Chapter 6: Security for Developers 6-3 Code Permissions Code permissions are a set of custom permissions that are created manually in the AOT under Security >  Code Permissions . Menu items, especially Action menu items, can use these by setting the LinkedPermissionType  property to CodePermission  and the LinkedPermissionObject  to the name of the code  permission. Service operations can also use code permissions by setting the Code Permission  property under the Service operation >  Operation method >  Permissions >  Associated Code Permissions  node. FIGURE 6.2 ACCESS TO POST A FREE TEXT INVOICE Security Policies Security policies use Extensible Data Security (XDS). Definitions The following definitions are used in conjunction with XDS. Constrained table : This table or tables hold the data filtered based on the policy. Primary table : This table is used to determine how data is filtered. For example, for a filter based on an employee, the primary table would be the HcmWorker table. Policy query : This query is used to return data from the primary table that is then used to filter the data in the constrained table. Context : This controls the circumstances under which the policy is applied. There are two types of context: ã   Role contexts means the policy is applied if the user is assigned to the role. ã   Application contexts means the policy is applied based on information set by the application.  Development II in Microsoft Dynamics ®  AX 2012 6-4 Scenario: Developing an XDS Policy This procedure will show how to create a security policy that limiting users from viewing other users prospects. In some sales environments, sales people closely guard their prospect information, and they do not want other sales people to view their prospects data. A prospect is stored in the smmBusRelTable. The employee who is responsible for the prospect is stored in the MainContactWorker field. An employee is connected to the current user through the DirPerson and DirPersonUser tables. There are two stages in creating the XDS policy - create the policy query and create the security policy. Procedure: Creating a Policy Query The steps to create the policy query are as follows: 1.   In the AOT, create a new query , rename it to HcmWorkerUser . 2.   From a second AOT, locate the table Data Dictionary >  Tables >  HcmWorker . 3.   Drag the table HcmWorker  to the Data Souces node of the query. 4.   In the property sheet of the Fields .node of the HcmWorker  _  1  data source, set the Dynamic  property to Yes . 5.   From the second AOT, locate the table Data Dictionary >  Tables > DirPerson . 6.   Drag the table DirPerson to the Data Sources node of the HcmWorker  _  1 data source. 7.   In the property sheet for the DirPerson  _  1  data source, set the Relations  property to Yes.  8.   In the property sheet for the Fields node of the DirPerson  _  1  data source, set the Dynamic  property to Yes . 9.   From the second AOT, drag the table DirPersonUser to the Data Sources node of the DirPerson  _  1 data source. 10.   In the property sheet for the DirPersonUser  _  1  data source, set the Relations  property to Yes . 11.   In the property sheet for the Fields node of the DirPersonUser  _  1  data source, set the Dynamic  property to Yes .
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks