My company is using Microsoft Dynamic CRM 2011 and want to customize some features. A customization as described below:
“There is the password field of the Account ( used to login our company website). The password is only visible to account’s owner or to sale manager or to sales admin.”
How can I do that, that seem Field Security in MSCRM 2011 only support for User and Team. Please tell me how to do ( even by programming).
Field Security would be great for particular roles (sales manager etc) but not for "context aware" scenarios eg for the owner of the record.
Your best bet would be to create a custom entity for Password, make the primary field (name by default) NOT business required.
Create an N:1 relationship to Account, make the relationship "Parental" and make the lookup field Business Required. You will now see "Password" in the left navigation of the Account.
Edit Password form to have lookup to Account, and add text field for the password itself, and make the "name" field not visible by default so you can ignore it.
Create a security role (or edit existing ones) to give User level access rights to Password for the read, create, update, assign, and append privileges. Amend sales manager role to allow to read all Password records.
The parental relationship will mean that if an Account is re-assigned then so will the child Password record. But, someone could create a password record (so they own it) and link it to an Account (even one they don't own, possibly), without changing the owner to match the parent. So, create a workflow on the Password record create, re-parent or re-assign which will change the owner to the same as the parent account to tidy up this situation.
Edit the associated view for passwords to show the password field. Edit other views as required. (If you really want password visible on the Account form directly, use an inline grid set to use a minimum of space, no view selector etc. Still takes up far too much though, in reality.)
Hope this helps
This would be possible by using javascript.
Firstly, set the password field to not be visible by default - this will stop it appearing initially so that a user without permissions might see it (even briefly).
Secondly, provide a javascript function to look up the logged in user's roles. There are many ways of doing this, each with its own advantages and disadvantages. This link has a couple of ways you could use.
Thirdly, use this function and some extra javascript to check for the owner field to make the field visible/invisible.
As an example:
function CanUserSeePassword() {
var loggedInUserGuid = USER_ID;//USER_ID is built in CRM constant
if (RetrieveUserRoles(loggedInUserGuid)) {
SetPasswordFieldVisibility(true);
}
else {
var ownerGuid = Xrm.Page.getAttribute('ownerid').getValue()[0].id;
SetPasswordFieldVisibility(ownerGuid == USER_ID);
}
}
function SetPasswordFieldVisibility(isVisible) {
Xrm.Page.getAttribute('new_password').setVisible(isVisible);
}
function RetrieveUserRoles() {
//use code from link above to return a bool, either user is in appropriate security role, or is not
}
Bit rough 'n' ready, but will do the job.
