Is it possible to damage books with an extension?

chrmrn
chrmrn Member Posts: 12
in NAV Three Tier
Yes, it is!

Try to publish and run that:

codeunit 50112 DeleteGLE
{
procedure OnRun();
var
gle: Record "G/L Entry";
begin
Message('this will delete 1st G/L Entry');
gle.FindFirst();
gle.Delete();
end;
}

This works at current BC Spring Release.
As you can see no permission to G/L Entry was granted.
Any idea why it is wrong?

Answers

  • TallyHo
    TallyHo Member Posts: 417
    Are you sure the servicetier is running under a customer license? If so, this is quite troublesome.
  • chrmrn
    chrmrn Member Posts: 12
    It is MS SaaS cloud
  • TallyHo
    TallyHo Member Posts: 417
    I know Oracle based ERP that allows it all. 'Safe zones' do not exist in the database. Maybe MS is just letting go.
  • chrmrn
    chrmrn Member Posts: 12
    This is illegal in some countries. The system will not be validated.
  • TallyHo
    TallyHo Member Posts: 417
    edited 2019-06-21
    Auditors know the ease a GL record can be deleted using a simple SQL statement (embedded in AL).
    But I'm sure you're right. Some might be very strict on that. And with the saas environments on the rise this could be implemented like brick again. But on premise..

  • chrmrn
    chrmrn Member Posts: 12
    edited 2019-06-21
    This makes Indirect Access Permissions nonsense!
  • TallyHo
    TallyHo Member Posts: 417
    No, this makes forced permissions by MS nonsense. Permissions are very much needed (direct and indirect), but can be fully controlled by the customer.

Categories