There is a new pattern introduced in the new version of Dynamics AX (AX6.0/2012), for the security of the forms/tables etc. which is called RBS.
// 3. How to the find all the duties containing the specified privilege (security Duty)?
select SecurityTask from securitySubTask
///////////////// Code in X++ /////////////////////////////
In Microsoft Dynamics AX, role-based security is aligned with the structure of the business. Users are assigned to security roles based on their responsibilities in the organization and their participation in business processes. The administrator grants access to the duties that users in a role perform, not to the program elements that users must use.
Let’s take a looks at the data models of the Security framework
Table
|
Description
|
Mapping
|
SecurityRole
|
Contains list of roles
|
(AOTàSecurityàRoles)
|
SecurityUserRole
|
Contains the user to role mappings
|
(System Administration à Users àUser)
|
SecurityTask
|
Contains the list of duties and privileges
|
(AOTàSecurityàPrivileges/Duties)
|
SecuritySubTask
|
Contains the duty to privilege mappings
|
(AOTàSecurityà Dutiesà Privileges)
|
SecurityRoleTaskGrant
|
contains the list of role to duty mappings
|
(AOTàSecurityà RolesàDuties)
|
Some Examples
///////////////// Code in X++ /////////////////////////////
SecurityRole securityRole;
SecurityUserRole securityUserRole;
SecurityTask securityTask;
SecuritySubTask securitySubTask;
SecurityRoleTaskGrant securityRoleTaskGrant;
#define.SecurityRole(‘BudgetBudgetManager’)
#define.SecurityTask(BudgetManagerRoleCenterView)
// 1. How to the find record ID of the privilege
select firstOnly RecId from securityTask
where securityTask.AotName == #SecurityTask
&& securityTask.Type == SecurityTaskType::Privilege;
// 2. How to find the record ID of the security role of the currently logged-in user aving the specified security role
select firstonly RecId from securityRole
exists join securityUserRole
where securityRole.RecId == securityUserRole.SecurityRole
&& securityRole.AotName == #SecurityRole
&& securityUserRole.User == curUserId();
// 3. How to the find all the duties containing the specified privilege (security Duty)?
select SecurityTask from securitySubTask
where securitySubTask.SecuritySubTask == securityTask.RecId;
// 4. How to check whether the privilege is directly associated with role
select firstOnly RecId from securityRoleTaskGrant
where securityRoleTaskGrant.SecurityTask == securityTask.RecId
&& securityRoleTaskGrant.SecurityRole == securityRole.RecId;
// 5. How to check whether the privilege is associated with role through duty
select RecId from securityRoleTaskGrant
exists join securitySubTask
where securityRoleTaskGrant.SecurityTask == securitySubTask.SecurityTask
&& securityRoleTaskGrant.SecurityRole == securityRole.RecId;
For getting List of all Roles
static void RoleUSerID(Args _args)
{
UserInfo userInfo;
SecurityUserRole securityUserRole;
SecurityRole Roles;
while select userInfo
join securityUserRole
where securityUserRole.User == userInfo.Id
join Roles where Roles.RecId == securityUserRole.SecurityRole
&& Roles.AotName ==”TradeSalesRepresentative”
{
info(userInfo.Id);
}
