CRM 2013: Having trouble setting edit permission for wall notes
I am working on a CRM 2013 implementation and I have the following requirement:
Salespeople should be able to view all notes within their business unit. They should not be able to delete any notes and they should be able to modify only notes that they created.
I am not new to configuring security role permissions and I have no trouble achieving similar functionality with other entities. Notes however have stumped me.
In the Salesperson security role I configured the note entity as follows: Read: Organization, Create/Write/Append/AppendTo: User, Delete and Assign: None,
The result is that salespeople were correctly able to see all notes. However they were able to delete and note and edit any note within their business unit.
I then did some reading and it seemed that the "Profile Album" permissions under Custom Entities was also somehow related to wall notes. I configured Profile Album as follows: Read: Organization, Create: User, Others: None,
At this point my Salesperson use was no longer able to delete any wall notes. However, they could still edit wall notes owned by their business unit. Just for fun I removed edit permission entirely from the role and the salesperson was correctly unable to edit any records including their own.
Is there a bug with the notes write permission so that the user level confers business unit privileges?
I ran into a similar issue, and this is what I found:
Since notes have a parental relationship to its associated record, the permissions seem to flow down from the parent record.
I ended up creating a plug-in to prevent any user who didn't create the note from editing it, which was a huge pain.
Furthermore, there didn't seem to be any way to prevent users from trying to edit notes on the notes wall, so I ended up doing some HTML manipulation to prevent users from trying to edit notes that they hadn't created.
The business users ended up being happy with the functionality, but it did cost a little bit of time and money to get to the solution. See the attached screenshot.
- Regarding associating web roles to contact from Power Pages Portal
- lookupObject.getValue is not a function
- How to export/import Data from Microsoft Dynamics crm
- Microsoft.Identity.Client getting Error in C#
- Dynamics CRM security role privileges on Email entity
- Call external API to get a file and attach it in Notes
- Deploy CRM solution using Package Deployer as update instead of upgrade
- unable to load CRM organization
- Cannot Open PluginRegistration
- The transaction log for the database is full
- Get Email (V2) in power automate is throwing an "ID is Malformed"
- Power Apps command visibility based on user security role
- How can I create Custom Industry Accelerator on Common Data Service?
- In Microsoft Dynamics 365 CRM what is the major difference in plugins and workflows when both serve the same purpose
- Hide/show fields based on a Boolean with JavaScript Dynamics CRM
- Use SSMS to determine Dataverse table index size
- Model-driven Power App - how to remove pre-existing classic commands
- Send custom messages to Azure Service Bus from MS CRM Plugins (Sandbox)
- I need to create a fetchxml retrieving cases where department is opening user's (user profile->) department
- Package Azure.Identity v1.11.0 and above caused an error with SqlClient and Dynamics 365
- FluentUi Timepicker Remove border and make the control color grey
- SSRS - Rows are repeating in table
- Set PrivilegeDepth with Microsoft CDS Web API
- D365 API PATCH call returns 204 No Content
- How can I use Alexa CRM to display an aggregated result in WordPress
- I can add only 15 products to a Bundle. How can I overcome this limitation?
- Attribute mappings (on N:1 relationships) not included in export?
- Understanding Plugin Transactions in Dynamics CRM
- Is there a way to link contact "parentcustomerid" to account when creating related entities in one operation in dynamics?
- Sync Plugin Timeout issue