Confirmation of the Indirect permission logic in Navision

engsiong75 Member Posts: 143
Hi everyone

I am trying to create an indirect permission for my own program. This is what I found out. I have a new Report 50001 Create new Vendor and a new Codeunit 50001 Vendor checking.

The report 50001 calls the codeunit 50001 to create a new entry in the Vendor table. I give a user:
Report 50001
Read: Yes
Insert: Yes
Modify: Yes
Delete: Yes
Codeunit 50001
Execute: Yes
Vendor Table
Read: Yes
Insert: Indirect
Modify:
Delete:

I found that my code could not update the Vendor table. However, when I gave the Codeunit 50001 the permission to insert into the Vendor table, it gave the user the ability to insert into the Vendor table via the codeunit 50001. I also found that if the permission was changed to blank for the Vendor table in the permission table, the user could not update the Vendor table from the codeunit 50001 even though the object has permission to insert into the Vendor table.

Can anyone confirm my findings on the Indirect permission? I am going through all the Navision manuals for the Indirect permission and I do not find a clear point why the indirect works or does not work.

Thank you,

Tan Eng Siong

Comments

  • kine Member Posts: 12,562
    1) The indirect permissions on an object must be set on the object which is doing the insert/modify/delete, not the object which was started first...
    2) To have effective permissions, you need to have:
    a) enough permissions for the object in the license
    b) enough permissions as user
    c) enough permissions on the object
    It means, when using indirect permissions, you need to have indirect or full permissions in the license and as user, and if it is indirect in one of them, then you need permissions assigned on the object.
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.
  • engsiong75 Member Posts: 143
    Hi Kine

    I am aware of the license limitation. However, on the Vendor Table, I am allowed
    Table 23: (Vendor)
    Read=Yes
    Insert=Yes
    Modify=Yes
    Delete=Yes

    But as described in my case, the codeunit will execute when it has permission to the Vendor Table RIMD (Read, Insert, Modify, Delete) and the Vendor Table has a permission of Insert=Indirect. It does not update if the Codeunit has the permission to the Vendor Table alone or if the user just has a permission of Insert=Indirect for the Vendor Table.
  • kine Member Posts: 12,562
    If the user has no permissions but the object has, it is not enough.
    If the user has indirect and the object has no permissions, it is not enough.

    You need to think about it like this: Indirect on the user is one half of the permission, and the second half is the permission on the object. Only if you have both parts, you have access... ;-)
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.
  • engsiong75 Member Posts: 143
    Microsoft's own words on Indirect

    Sometimes the license file only gives you indirect permission to perform operations on certain tables. Security permissions can also be used to give users only indirect permission to certain tables. If you only have indirect permission to, for example, insert data into a particular table, you cannot insert data into this table from the standard user interface. You must use a database object that has been given extra permission to insert data into the table in question.
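
The rule the thread arrives at, written out as an added Python model (not part of the original posts and not NAV code): the license, the user and the object doing the insert must all line up. The `Level` enum, `can_insert` and the sample grants are assumptions constructed from the cases the posters describe.

```python
from enum import Enum

class Level(Enum):
    NONE = 0       # blank in the permission list
    INDIRECT = 1
    YES = 2

VENDOR = 23  # table number quoted in the thread

def can_insert(license_lvl, user_lvl, object_grants, acting_object, table=VENDOR):
    """Model of the rule stated in the thread, for the Insert operation.

    object_grants maps an object name to the tables covered by that
    object's own insert permission (constructed sample data).
    acting_object is the object whose code performs the insert,
    not the object the user started first.
    """
    # A blank at the license or user layer denies, whatever the object has.
    if Level.NONE in (license_lvl, user_lvl):
        return False
    # Full permission at both layers needs nothing from the object.
    if license_lvl is Level.YES and user_lvl is Level.YES:
        return True
    # One layer is only Indirect: the acting object supplies the other half.
    return table in object_grants.get(acting_object, set())

def thread_cases():
    """Replay the combinations reported in the thread (license = Yes)."""
    lic = Level.YES
    actor = "Codeunit 50001"
    on_codeunit = {"Codeunit 50001": {VENDOR}}
    on_report = {"Report 50001": {VENDOR}}  # grant on the caller only
    return {
        "user Indirect, codeunit granted":
            can_insert(lic, Level.INDIRECT, on_codeunit, actor),
        "user blank, codeunit granted":
            can_insert(lic, Level.NONE, on_codeunit, actor),
        "user Indirect, codeunit not granted":
            can_insert(lic, Level.INDIRECT, {}, actor),
        "user Indirect, only the report granted":
            can_insert(lic, Level.INDIRECT, on_report, actor),
    }

if __name__ == "__main__":
    for name, allowed in thread_cases().items():
        print(f"{name}: {'allowed' if allowed else 'denied'}")
```
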