Company Level Permissions

AdrianAkers
AdrianAkers Member Posts: 137
edited 2009-10-30 in NAV Three Tier
Hi All,

We have a wierd problem using the webservices where if we assign company level permissions to a user then they lose access when calling the webservices. It is as though they are sudenly not authorised.

Let me give you an example.

User = BLOGGSJ
Companies in the database - Company A, Company B and Company C.
We have a website calling the webservices. In the web.config we store the company being used by our site. The webservice references are built according to this setting in the web.config in the data access layer of our website. Let us say in this example the web.config is set to "Company A".

If BLOGGSJ is setup with (for example) roles with NO company level permissions on them then they can call the webservices fine without any problem.

So if they were (examples, not actual roles!)...

ALL
POST G-L
READ CUSTOMER

Then they can call the webservices fine.

If however they are

ALL Company A
POST G-L Company A
READ CUSTOMER Company A
ALL Company B
POST G-L Company B
READ CUSTOMER Company B

Now the webservices stop working... even though they have access to "Company A".

Has anyone else come across this problem. It is as if as soon as we assign a company level permission to the user they do not have permissions to call the web services. Is this because the Web Service publishing is not company specific?

Look forward to responses.

Adrian

Comments

  • MChilari
    MChilari Member Posts: 47
    Are you using NAV 2009 or NAV 2009 SP1?

    I had similar kind of problem in NAV 2009, if we assign a company to a specific role then the users were not able to login to RTC, Microsoft has fixed this in NAV 2009 SP1.

    Thanks
    MC
  • AdrianAkers
    AdrianAkers Member Posts: 137
    Thanks for the reply.

    The problem we have is that the client is imminent to go-live. They have a mix of NAV Classic Users and some users only accessing via the Web Services and an IE front end. Some users will get access to both te IE front end and the Classic client therefore they need company level permissions.

    The client is not willing to upgrade to SP1 yet as they have only just signedd of 2009 without SP1.

    Was there a hotfix for this problem do you know?

    :-k
  • MChilari
    MChilari Member Posts: 47
    I had the same situation with our client and we just upgraded the Executables.. Database is in still NAV 2009, but the executables are in NAV 2009 SP1.

    Thanks
    MC
  • MarkBisson
    MarkBisson Member Posts: 1
    Hi,

    Can you confirm the steps you undertook to fix this problem by replacing the executables?

    Thanks,

    Mark B
  • Slawek_Guzek
    Slawek_Guzek Member Posts: 1,690
    Try to add a user to the default ALL role, but without specifying company for that role assigment (global ALL permissions).

    Giving a user per-company permissions only (as per example above) will not give him any access to company-independent tables, like table 2000000079 Object Tracking, heavily used by NST.

    Regards,
    Slawek
    Slawek Guzek
    Dynamics NAV, MS SQL Server, Wherescape RED;
    PRINCE2 Practitioner - License GR657010572SG
    GDPR Certified Data Protection Officer - PECB License DPCDPO1025070-2018-03

Categories