I’ve written about XDS policies and how to apply them in the past, but what about the scenario where you want to apply multiple XDS policies to the same role in D365FO? How would you go about achieving that?
For my test scenario, I want a role to only be able to interact with Customers and Vendors that have a group (CustGroup/VendGroup) equal to 10.
Steps to Implement
The first thing I did was to create a role that allows full control to both customers and vendors. Here is what the test user sees when assigned this role:
To implement the XDS policies, I first created the Customer and Vendor queries:
I then create the security policies for these queries. A couple things to note here:
- The Context String property for each policy is the same, this will allow us to assign these policies to the same role
- The Context Type is set to RoleProperty, this means that the Context String will be used to determine which role(s) this should apply to
- The Operations property is set to AllOperations, which means all Reads, Updates, Creates, and Deletes will be under the context of XDS
- The Primary Table in each is the corresponding Group table for the object (VendGroup/CustGroup)
- Each policy references the corresponding query (VendorGroupQuery, CustomerGroupQuery)
I then created a role (FpGroupXDSRole) that I assigned the appropriate duties too, notice here that I set the Context String to the same string as my security policies (GroupXDSPolicy). This will apply both XDS policies to this role.
Once this role is assigned to the user, we can see that both policies are applied successfully.
In my test from above, I created the role via the AOT. I also wanted to ensure that a role created from the user interface also works as expected. So I created a role in the Security Configuration area of D365FO and made sure to set the Security Policy Context String to the same string as before (GroupXDSPolicy).
When this role was assigned to my test user, the results were as expected and the XDS policy was applied successfully.
I created a YouTube video to show demonstrate this functionality, you can find it here: https://youtu.be/Ov8_06-YiT0