The sharing feature of Microsoft Dynamics CRM lets users grant permissions to a record to other Users or Teams. However, the user who is sharing the record must decide the permissions to give, and configure the permissions every time he or she shares a record.
Limitations on sharing a record:
If
a record is shared, you cannot determine who has access to the record without
opening the Sharing dialog box for each record that you want to check.
You cannot create queries with Advanced Find
to report on shared access.
Access Team Templates are used to resolve these issues by providing a
much faster way for users to add their colleagues to a record so that they
receive a set of permissions that the system customizer has configured in
advance.
The
list of who has access to the record is easily visible, and can be changed with
immediate effect by users who have the necessary privileges to perform this
action.
Access
Teams feature is based on the usual Team entity, and Access Teams have Users as
members.
You
can query records based on relationships to Teams and Users to identify the
records that can be accessed by a User (or any group of Users). For example,
this type of query could be used as the basis for a view of all Project records
for which the current user is a member of the Stakeholders Team
Configure Access Team Templates
To
configure and use Access Team Templates, follow these steps.Configure Access Team Templates
1. Enable the entity for Access Teams and publish the change.
2. Create an Access Team Template that defines the access rights to be granted to members of an Access Team that uses this template.
3. On a form for the entity, add a sub-grid that will be used to add and display Users who are members of the Access Team for a record. The sub-grid is associated with a specific Access Team Template. Note: You do not have to create Teams to use with Access Team Templates. When the first user is added to a record through the sub-grid that you have configured on the form, a Team is created by the system.
- This Team has some specific properties that include the following
- The Team Name is a concatenation of the GUID of the record, a plus sign (+) and the GUID of the Access Team Template that is associated with the sub-grid where the User is added
- The Team Type is Access (instead of Owner)
- The Team has the property Is System Managed set to Yes
The access
rights that are defined for the Access Team Template are shown in the “Access
Team Template” figure
When you try
to add a User to an Access Team for a record, the following three rules are
enforced by the system:
The user who adds a new Access Team member to a record must have share privileges to the record.
The user who adds a new Access Team member to a record must have share privileges to the record.
- The user who adds a new Access Team member must have all the access rights that are defined in the Access Team Template. For example, if the Access Team Template grants the delete access right, the user who adds the Team member must already have delete privileges for the record.
- Generally, in Microsoft Dynamics CRM, a user cannot grant privileges they do not have. When a standard share is used, any of the privileges that the user does not have are unavailable and cannot be selected to grant these permissions in the sharing dialog box.
- The user who is added to the Access Team must have at least User level access to all the privileges that the Access Team Template has. For example, you cannot add a user to an Access Team that would grant delete access rights to a record, if the user does not have delete privileges on the entity to at least the User level. When you use a standard share, you can grant permissions that the user does not have for his or her own (user owned) records.
However,
because the Security Role has precedence, one or more of the shared permissions
might be ignored.
Hope You Enjoy this post.
No comments:
Post a Comment