[SOLVED] User card page - You have not been granted permission to perform current activity

Tomigs

Hello,

I read that the session table can only be accessed from NAV if you are SUPER.
(https://community.dynamics.com/nav/f/34/t/141815?pi51428=1#responses)

I wonder if something similar can be the case for accessing the user card?

My scenario is in NAV2013R2.

I go to the users list page and from there I try to access another user's card. Then I get the error:

You have not been granted permission to perform the current activity.
Page Edit - User Card must close.

The user is not SUPER, but among others it has the BASIC that includes read permission to the user table (2000000120). It is sysadmin in SQL.

I debug it and it cracks in codeunit 9801 Identity Management, in the following function:
GetWebServiceExpiryDate(UserSecurityID : GUID) ExpiryDate : DateTime
IF NOT UserAccountHelper.TryGetWebServicesKey(UserSecurityID,Key,ExpiryDate) THEN
ERROR(GETLASTERRORTEXT);

but I don't know what happens inside that TryGetWebServicesKey function.

Any advice on this?

Thanks,

Tomas

Rwothoromo

Check if the user has Modify or Insert Permissions

Tomigs

Hi Rwothoromo,

Thank you for your answer.

If you are referring to the NAV permission set that the user has, yes it had insert and modify permissions in that table. In fact I tried using a permission set "LikeSuper" that gives permission to all table data (0), but still the same result.




Lacking other solution, we have left it as SUPER right now.

Thanks,

Tomas

filmshelf

Hi,
I have the same problem.
Did you solve it? and could you please share with me the solution?

filmshelf

filmshelf wrote: »

Hi,
I have the same problem.
Did you solve it? and could you please share with me the solution?

oh, sorry, i saw your solution is "have left it as SUPER right now."

Tomigs

Hi filmshelf,

Yes, I haven't done any progress on this. Just left it as SUPER.

Regards,
Tomas

Tomigs

Hi again,

We may have finally found a solution for this issue using the SECURITY permission set.

This permission came with older versions of NAV, but it does not come in the default standard permission sets for NAV2013 so we had to create it (discussed here http://forum.mibuso.com/discussion/63546).

Adding this permission set to a non SUPER user, seems to work as we wanted to:
- Allows the user to edit non-SUPER users.
- Allows the user to edit his own permissions but it does not let him add the SUPER permission to himself.
- It does not allow the user to edit SUPER users.

For the permissions included, I just tried to adapt the NAV2009 standard Security permissions:



At SQL level the user is sysadmin, but haven't tested it with public. It might work.

Regards,

Tomas

dhh_nz

Thanks Tomas,
I can confirm the above works on NAV 2016 with the addition of Table Data 2000000121 "User Property" added to the SECURITY permission set.

User does not need to be sysadmin in SQL.
When assigning the SECURITY permission set to a user, you cannot apply a company filter.

Cheers,
Dean.