I just add a new project to my GitHub repositories. It is a new extension for Business Central that extends security functionalities with field-level permission. Using this extension, users are able to define who can or can not change specific fields in any table in your system.
Source codes can be found on GitHub – https://github.com/TKapitan/TKA001-FieldLevelPermissions
Warning: Since 01.07.2021 all my new projects are available under Creative Commons Attribution-NonCommercial-ShareAlike (CC-BY-NC-SA) license. Under this license, the source codes are available for everybody for non-commercial purposes. If you would like to use any part of the code licensed under this license for commercial purposes, don’t hesitate to get in touch with me at email@example.com to discuss further details. It is possible to use my examples for commercial purposes at no cost if agreed in writing. More details about a new licensing are HERE.
The configuration can be found as “Restricted Fields”. You can specify the table/field that we want to restrict for some users on this page.
The field “Type” specify what is or is not allowed. The standard values are “Block All Changes” and “Allow Insert”. The first one does not allow to change from/to any value. “Allow Insert” allows to change the value from the blank value to any other value. If the field was not empty, the user is not able to change the value.
“Default Action” specify whether the default action is that anybody can change the value except specific users (“Default Action” = Allowed) or nobody except specific users can change the value (“Default Action” = Blocked).
The rule is active only when Enable is true.
On the page “Restricted Fields”, we can also specify exceptions for the specific record. This can be done using the “User and User Groups” action.
We can specify a user or user group who can or can not change the field specified on the Restricted Field record on this page. Only enabled records are evaluated.
The exceptions are evaluated in the following order.
- Is Blocked for User Group?
- Is Allowed for User Group?
- Is Blocked for User?
- Is Allowed for User?
The last matching rule is used (= if the field change is blocked for all users from group ABC, but it is allowed for user XYZ who is a member of ABC, the user still can change the value of the field even if his group can not).