Tip #1207: Check applied entity permissions in portals

Liquid is a great templating language that adds flexibility to your Dynamics 365 Portal templates. However, like any abstraction, it hides some of the things happening under the hood, including some security filtering. Consider this fragment running on an authenticated page: And… the count is 2 while expected to be the total number of contacts in this […]

Tip #1156: Locked fields out of the box

A long time ago Stefan Strube sent me this tip; I filed it away and forgot all about it (sorry, Stefan!). Until last week, that is, when I started a new deployment and the customer had a specific need for a couple of rollups on the account entity. The good news was that those rollups are out of the box: opendeals and openrevenue, […]

Tip #1089: User Delete Privileges Stretch Further Than You Think

This one was discovered by my KPMG partners in crime Fiona Whiteing and Jijeesh Kunhiraman on a recent project. As you may know, for a record such as a Contact, if I own the record, I can see the child Activities whether my security role gives me permission or not. I do not know if […]

Tip #1086: Bring back content access levels

Dynamics 365 Portals have a very convenient way to control access to knowledgebase articles – content access levels. Link contact, account, or web role to a content access level (e.g. Gold Partners), then simply associate that access level with a knowledgebase article and boom – that article is only available to the users associated with […]

Tip #1083: Don’t expire your passwords

Mini Truckstop Jonas “The Shuffler” Rapp fed us a perfect question for a security slam dunk. Really? (Jonas’s words, not mine) Yes, really. We’ve already mentioned the brilliant password guidance in our tip 1031. Since some folks seem to have missed the memo, here’s the quote from the guidance (highlights are mine – g.d.). Most […]

Tip #1079: Security Design Principles

We have a lot of flexibility when it comes to security in Dynamics 365; field-level, record-level, hierarchy, ad hoc sharing and so on. Sometimes, depending on the requirements, there are a few ways to skin the cat (such a violent expression). Whenever you are presented with a range of options to solve a problem, it […]