Unified Operations & Dynamics AX Forum

Expand all | Collapse all

2012 r3 permissions on the form controls

  • 1.  2012 r3 permissions on the form controls

    Posted Dec 12, 2018 09:41 AM

    Hi, i have a question regarding the permissions on the form.

    There is a form in AR, OpenCustomerInvoicesListPage, for which  the permission is created for entry point , and it has been used for different users. It is working all as expected.

    I have recently added one MenyItem button to the Print option on Invoice document group, on the Invoice tab. Since there were no permissions set on any of the design nodes - pane, button group, button option - i was assuming that the privileges for the button will be inherited with the form - whoever i permit to view/edit the form, will be able to access button. Yet, after deployment, only sys admins are able to see that new button. I have added other controls to the same design, on the grid, and they all show up for all users.

    Am I missing something here? 

    Other buttons and other controls are activated through methods on the Form itself, but no 'Visible' property is changed, just 'Enabled'.

    Thanks for suggestions,


    Pedja Nikodijevic
    Express Scripts Canada

  • 2.  RE: 2012 r3 permissions on the form controls

    Posted Dec 12, 2018 02:04 PM
    Hi Pedja,

    Your assumption is valid for all controls on a form if you don't specify additional properties, except for a menu item button. Menu items can only be granted permission with help of the security objects. You need to add the menu item to a privilege. Then the privilege can be added to or is already part of a duty which can be linked at a role. It is also possible to directly link the privilege on a role.
    Other objects on a form like a tab page or control button can be secured using the property NeededPermission and form permissions on a privilege or security role.

    kind regards,

    André Arnaud de Calavon
    Solution Architect, Microsoft MVP - Microsoft Dynamics Business Solutions

  • 3.  RE: 2012 r3 permissions on the form controls

    Posted Dec 13, 2018 07:21 AM
    My 2 cents - Andre is correct, personally though I wouldn't add a privilege directly to a role but add the privilege to a duty and the duty to a role. It may not be an issue for you as you're a Canadian company but if you ever need to become SOD compliant and just use AX tools then all privileges need to be associated with Duties.


    Frank Potter
    ERP Business Process Lead
    Kodak Alaris Inc.
    Rochester NY

  • 4.  RE: 2012 r3 permissions on the form controls

    Posted Dec 13, 2018 09:49 AM

    Just to add on to what others have already said, there are a number of different securable objects within AX. These include:

    - Menu Item (Display, Action, Output)
    - Table
    - Web Url Item
    - Web Action Item
    - Web Managed Content Item

    AX also follows a pessimistic security model so a user has no security until you assign permissions to securable objects to them. If you add a custom object of one of these types you must assign security to it in some way otherwise only system administrators will be the only users who can see it. There are also objects that do not have security tied to them directly but get their security from other objects. For example forms have no security directly assigned to them, but menu item displays do and menu item displays are tied to forms. 

    Alex Meyer
    Director of Dynamics AX/365 for Finance & Operations Development
    Des Moines, IA

  • 5.  RE: 2012 r3 permissions on the form controls

    Posted Dec 31, 2018 10:59 AM
    Thank you all for suggestions. I realized that i have created the command as MenuItem button, than after some time added code to Click event, so i can run some verification and then call Menu Item from the code. Now i have a simple button command, which inherited the privilege from the form, and i added permission for MenuItem , so i can add it to the role for the user and restrict usage.

    Pedja Nikodijevic
    Express Scripts Canada