Posts Tagged Plugin

Filtering records of any entity on top of Role and Permission


Filtering records of any entity on top of Role and Permission

Many times as a developer point of view we get some requirements which are complex in terms of designing and to meet such type of requirement we look to find an alternative solution.

Recently in my project I faced an issue regarding the Security Role for a Specific Type of User(Role). I would like to share the scenario. I had to filer the records of a particular entity dynamically based on a PickList value of that form. I mean in real the problem and the requirement was much more complex but let not focus on that. Let’s see how we can filter the record on top of the role privileges.

To solve my problem I wrote a plugin and registered for a RetrieveMultiple message.

// Obtain the execution context from the service provider.
IPluginExecutionContext context=(IPluginExecutionContext)serviceProvider.GetService(typeof(IPluginExecutionContext));
if (context.Mode == 0 && context.Stage == 20 && context.MessageName.Equals("RetrieveMultiple"))
{
  if (context.InputParameters.Contains("Query"))
  {
     if (context.InputParameters["Query"] is QueryExpression)
     {
         QueryExpression objQueryExpression = (QueryExpression)context.InputParameters["Query"];

       if (objQueryExpression.EntityName == "entityName")
       {
          IOrganizationServiceFactory serviceFactory = (IOrganizationServiceFactory)serviceProvider.GetService(typeof(IOrganizationServiceFactory));
          service = serviceFactory.CreateOrganizationService(context.UserId);
          ConditionExpression conExpress;
          string role = string.Empty;

          role = getUserRole(context.UserId);//Method to get the role of logged In User
          if (role.Contains("roleName"))
          {
             conExpress = new ConditionExpression()
             {
                AttributeName = "attributeName",
                Operator = ConditionOperator.Equal,
                Values = { "1" }
              };
            }
           else
           {
           // show all for legal , finance, system admin

           conExpress = new ConditionExpression()
           {
             AttributeName = "attributeName",
             Operator = ConditionOperator.In,
             Values = { "1", "2", "3" }
           };
        }

       FilterExpression newFilter = new FilterExpression()
       {
           FilterOperator = LogicalOperator.Or,
           Conditions = { conExpress }
       };

       objQueryExpression.Criteria.AddFilter(newFilter);
       }
     }
  }
}

Here I have used the method getUserRole() but not shown in the code. We can get the role easily by using Linq, FetchXml or any other means. Anyways that was not the agenda for this article.

I have tested this plugin & its works fine without any Performance Issue. Below I have shown the registration steps for this plugin.

Note: If you are checking the entityname inside the plugin then its fine you can register the plugin as above otherwise you c an mention the entityname also in the Primary Entity in the above registration  step.

This RetrieveMultiple can be used for multiple purposes for eg for filtering of records in Lookup etc. I hope this really helps.  HAPPY READING !!!!!!!!!!!!!!!!!!

, , , ,

1 Comment