Monday, June 1, 2020

How to get security role of a logged-in user in D365 using JavaScript

We can get user security roles from Dynamic CRM Global context in two ways

var userRoles= Xrm.Utility.getGlobalContext().userSettings.roles;

Or

var userRoles= executionContext.getContext().userSettings.roles;











Sample code that to work on both classic UI and new UCI is below 


// JavaScript source code

function CheckUserSecurityRole(executionContext) {

       debugger;

       var roles = Xrm.Utility.getGlobalContext().userSettings.roles;

       if (roles === null) return false;

 

       if (roles == undefined) {

             roles = RetrieveLoggedInD365UserSecurityRoles();

       }

 

       var hasRole = false;

       roles.forEach(function (item) {

             if (item.name.toLowerCase() === "sales person") {

                    LockFormOnLoad(executionContext);

             }

       });

}

 

// Lock all the field on the form if Owner of the entity record is not the logged-in user

function LockFormOnLoad(executionContext) {

       var formContext = executionContext.getFormContext();

       if (formContext.getAttribute("ownerid") != null) {

             var owner = formContext.getAttribute("ownerid").getValue()[0];

             if (owner.id != Xrm.Utility.getGlobalContext().userSettings.userId) {

                    var controls = formContext.getControl();

                    controls.forEach(function (item) {

                           if (item.getName() != "" && item.getName() != null) {

                                 if (item.getDisabled && item.setDisabled && !item.getDisabled()) {

                                        item.setDisabled(true);

                                 }

                           }

                    });

                    formContext.ui.setFormNotification("Sales Person cannot edit the Quote owned by other person", "INFO");

             }

       }

}

 

function RetrieveLoggedInD365UserSecurityRoles() {

       var resultset = "";

       var fetchXMLCondition = "";

       var userSettings = Xrm.Utility.getGlobalContext().userSettings;

       if (userSettings.securityRoles.length > 0) {

             var i;

             for (i = 0; i < userSettings.securityRoles.length; i++) {

                    fetchXMLCondition += "<condition attribute='roleid' operator='eq' value='" + userSettings.securityRoles[i] + "'/>";

             }

             var fetchXML = "<fetch version='1.0' output-format='xml-platform' mapping='logical' distinct='false'>" +

                    "<entity name='role'>" +

                    "<attribute name='roleid' />" +

                    "<attribute name='name' />" +

                    "<order attribute='name' descending='false' />" +

                    "<filter type='or'>" + fetchXMLCondition +

                    "</filter>" +

                    "</entity>" +

                    "</fetch>";

             resultset = FetchXML_GetRecords(fetchXML, "roles");

       }

       return resultset;

}

 

function FetchXML_GetRecords(originalFetch, entityname) {

       var records;

       var fetch = encodeURI(originalFetch);

       var serverURL = Xrm.Page.context.getClientUrl();

       var Query = entityname + "?fetchXml=" + fetch;

       var req = new XMLHttpRequest();

       req.open("GET", serverURL + "/api/data/v9.0/" + Query, false);

       req.setRequestHeader("OData-MaxVersion", "4.0");

       req.setRequestHeader("OData-Version", "4.0");

       req.setRequestHeader("Accept", "application/json");

       req.setRequestHeader("Content-Type", "application/json; charset=utf-8");

       req.setRequestHeader("Prefer", "odata.include-annotations=\"*\"");

       req.onreadystatechange = function () {

             if (this.readyState === 4) {

                    req.onreadystatechange = null;

                    if (this.status === 200) {

                           var results = JSON.parse(this.response);

                           if (results != null) {

                                 records = results.value;

                           }

                    } else {

                           Xrm.Utility.alertDialog(this.statusText);

                    }

             }

       };

       req.send();

       return records;

}

 

 





No comments: