Hi experts
We are in the process of redesigning our security roles and we found the best way to restrict something to users is to restrict access to the forms (write, delete, etc)
However, there is a problem with the creation of new G/L accounts. It creates them with direct posting set by default which is fine for 90-95% of the accounts. But, if this is a control account we don't need to have direct posting.
Is there a way I can make Navision to look for the value of Direct Posting of surrounding accounts (above & under) have and use the same....?
Far fetch ah :roll:
0
Comments
My Blog - nav.education
This is not something someone may not understand but want to "fix" with a potential error
If you are creating new Roles give the GL account table modify access only to your top financial people.
Because creating new G/L accounts is something done every day by accountants. We don't want to restrict them from creating these accounts and asking their manager's (higher access level) to create/adjust these accounts.
Our goal is to modify standard access beased on frequency. This is something done often so we don't want to restrict it. However, we don't want these users to be able to change Direct posting whenever they want...Hope this makes it clearer.
What I did was to give read access to tabledata and, in the form read and indirect on execute.
I can see the section (i.e. Company Information) but when I click it it says I don't have access. I want the users to be able to access to see this information but not be able to edit/add anything.
Thanks
Of course, user must have permission to run debugger.
TVision Technology Ltd
We are not a partner but a big client
Our users work on multiple companies and they need to have access to add new accounts often.
I need all users to have access to Data Migration in order to import Teplate data to the new company. I have a problem when I apply the data imported and get migration errors in most of the tables, because I have restricted access to most of them.
I then had a look on the role's permission and added indirect on Insert, Modify & Delete permissions. However, nothing happened...I had to add full permission (Yes to all three above) to make it work that defeats the purpose of all this...
:?
It's the "Permissions" property on the dataport (codeunit etc) property list.
TVision Technology Ltd
(this thread now gets a little messy because you asked two distinct questions in the same thread. Always start a new thread for a new question.)
Yes there is. Use the OnNewRecord trigger of the form.
You can find an example for this on the Sales Order Subform regarding the Type field. If you need to have more environment then you have to explore it yourself using a record variable.
Another approach was to disallow a user to create an account from scratch and instead force him to copy a similar account and modify if (much like the Copy Sales Document report).
The object that you're running, eg the form on your screen is the one that's doing the database access so it needs the table added to it's "Permissions" property before it will take notice of any indirect permissions given to the user.
For posting it'll be one of the codeunits (12, 22, etc) for most anything it's the object that the debugger shows when you get the permission error.
TVision Technology Ltd
rdebath, I have form 0 access to yes on all permissions so ideally this shouldn't be a problem...correct? :?
This is a property in the form itself called Permissions.
TVision Technology Ltd