Field Level Permissions (Restricted Fields)

by Jul 18, 2021AL Language, Projects

Home 9 Development 9 AL Language 9 Field Level Permissions (Restricted Fields)

I just add a new project to my GitHub repositories. It is a new extension for Business Central that extends security functionalities with field-level permission. Using this extension, users are able to define who can or can not change specific fields in any table in your system.

Source codes can be found on GitHub – https://github.com/TKapitan/TKA001-FieldLevelPermissions

Warning: Since 01.07.2021 all my new projects are available under Creative Commons Attribution-NonCommercial-ShareAlike (CC-BY-NC-SA) license. Under this license, the source codes are available for everybody for non-commercial purposes. If you would like to use any part of the code licensed under this license for commercial purposes, don’t hesitate to get in touch with me at kapitan@kepty.cz to discuss further details. It is possible to use my examples for commercial purposes at no cost if agreed in writing. More details about a new licensing are HERE.

Restricted Fields

The configuration can be found as “Restricted Fields”. You can specify the table/field that we want to restrict for some users on this page.

The field “Type” specify what is or is not allowed. The standard values are “Block All Changes” and “Allow Insert”. The first one does not allow to change from/to any value. “Allow Insert” allows to change the value from the blank value to any other value. If the field was not empty, the user is not able to change the value.

“Default Action” specify whether the default action is that anybody can change the value except specific users (“Default Action” = Allowed) or nobody except specific users can change the value (“Default Action” = Blocked).

The rule is active only when Enable is true.

Restricted Field Users

On the page “Restricted Fields”, we can also specify exceptions for the specific record. This can be done using the “User and User Groups” action.

We can specify a user or user group who can or can not change the field specified on the Restricted Field record on this page. Only enabled records are evaluated.

Evaluation order

The exceptions are evaluated in the following order.

  1. Is Blocked for User Group?
  2. Is Allowed for User Group?
  3. Is Blocked for User?
  4. Is Allowed for User?

The last matching rule is used (= if the field change is blocked for all users from group ABC, but it is allowed for user XYZ who is a member of ABC, the user still can change the value of the field even if his group can not).

Recent Articles from the category

How to let users choose field(s) properly

How to let users choose field(s) properly

When some complex functionality is developed, it is sometimes necessary to let users choose a specific field. This can be required for field permissions, mapping imported values or any similar process. Earlier, the usual way was to create a link on the Field table...

read more
Returning complex types in AL Language

Returning complex types in AL Language

In Microsoft Dynamics 365 Business Central 2021 w1 (released in May 2021), a profound change was introduced to ways how we can design our applications Until this version, the only way to return complex data types (like records, codeunits, Lists etc.) was using the var...

read more
Import various file types with Interfaces

Import various file types with Interfaces

A few weeks ago, I described a solution for importing an Excel file to the Business Central using Excel Buffer in AL Language (see here). In today's article, we will look at how to build a more complex solution that can be used for file imports without the needs to...

read more