{Security Nuances} – Security consideration while targeting business process flows and switching processes for security roles.

Business process flows are everywhere these days. Every project I come across have business process flows implemented and why not? A great feature indeed.

However came across this  very interesting question that one of my client administrators came up with regarding the security aspect of Business Process flows. The following describes the set-up for client CRM system.

  • User A has security role A
  • User B has security role B
  • There are two business process flows created for the case entity. Process A has been targeted for Security Role A and Process B has been targeted for security role B.
  • Both the users belong to the same business unit and their roles provide business unit level write access on the case entity.

User A went ahead and created a case record with Business Process A in place. However the expectation of our client was that since User B has security role B which do not have privilege on the process A, User B would not be able to modify or view Business Process A. However the truth is that User B would be able to modify the fields in the Business Process area of the case record and also move stages.

The reason for this is targeting Business Process flows for security does not prevent a user from accessing and modifying a process already applied to a record. The targeting in effect prevents switching of Business Process flows. If your security role is not targeted for a particular business process, this simply means that the user cannot switch to that process.

Hope this helps in case you are new to the Business Process flows and designing security for the same!

Advertisements

Author: Debajit

I am a Dynamics CRM Most Valuable Professional (MVP) with 10 years of experience in Microsoft .NET Technologies and 7 years of dedicated experience in Microsoft Dynamics CRM. I have worked with companies like Microsoft, SanDisk, PwC, TMF Group and have extensive experience of implementing complex CRM solutions from both offshore and client side. Currently the face of XrmForYou.com with significant experience in delivering corporate training on Dynamics CRM and have already delivered multiple projects to client through XrmForYou.com Author of multiple tools on codeplex including the 'Role Based Views' and 'CRM-Sharepoint Metadata manager & Attachment Extractor' which are available for commercial use under XrmForYou.com For consulting/ training, drop me a note at info@xrmforyou.com or visit our website www.xrmforyou.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s