Work with Filter Security advanced

In addition to the functionality presented by default, filter security offers some more advanced options.

Filter Security accepts plain text filters and numbers. Furthermore, any filter used on a list in Microsoft Dynamics 365 Business Central is accepted. The only limitation is that filter values must be plain text, i.e. use of variables (like T for today's date), SQL queries and calling methods is not supported. You can test any filter before configuring the field security on the list itself; e.g. if you want to filter items on the field Type, you manually filter on the value and test whether it works with the values as expect. Any line in the results is authorized to the user.

Based upon:

By default the extension Filter Security only displays one filter to set up. It is possible to use multiple filters for a much more detailed authorization, e.g. in table Purchase Line on both document type and line type. To enable this for setup you need to add these columns to the page:

  • Filter And Or: choose whether how the first and second filter are applied;
  • Filter Field 2 Caption: the name of the field
  • Filter Field 2: the field id
  • Filter 2: the value to filter on

If you need more than two filters, you can also add the same permission set to multiple lines in the filter security. Example: if a user needs permissions in the table Purchase Line for G/L-lines of an invoice limited to G/L account 84901 you create two lines and assign the same permission set:

  • Line 1, Filter 1: field Document Type, filter value Invoice
  • Line 1, Filter 2: field Type, filter value G/L Account
  • Line 2, Filter 1: field Document Type, filter value Invoice
  • Line 2, Filter 2: field No., filter value 84901

Compliance Field Security has the option to hide parts of a table based upon filters, e.g. posting groups or G/L account numbers. If used, the extension hides any lines users are not authorized to see. No custom code is necessary. However, there are two limitations:

  • At the moment only default pages in Dynamics 365 Business Central are supported and
  • Filtering is only possible in the same table.

Setting up visibility is much like configuring a filter security for editability:

1. In the top right corner, choose the Search icon, enter Filter Security and choose the related link.
2. Choose the action New in the Filter Security List.
3. Complete the following fields in the header.

  • No.: Automatic and / or manual, based on the number series settings.
  • Description: E.g. Field Security Table 27 Item.
  • Table ID: Select the ID of the table that you want to secure on field level. You can use the list of tables or enter the object id directly.

4. Click Show more to display all fields on the card.
5. Add the field Filter Type to the columns displayed on the lines by opening the right mouse menu on the column head and open Choose Columns.
6. Filter Security splits a table in parts based upon filters. Set up a filter:

  • Choose the field you want to filter on in Filter Field 1 by opening the list of fields in the table through the AssistEdit button. Alternatively, you can enter the field id.
  • Fill the filter value you want to assign in the field Filter 1.
  • New lines have by default the value Editable in the field Filter Type. Change this to Visibility.

7. Assign permission set(s) to the filter line.

  • Open the window Permission Sets per Field Security by clicking the number No. of Assigned Permission Sets on the line.
  • Click New to add a new line.
  • Choose the first line and select the AssistEdit button.
  • Confirm the selection by clicking OK.
  • Do this for every line you created.
  • Note: the filter security is only active if assgined to permission sets. It is inactive if assigned:
    • permission set(s) assigned to the filter security AND
    • a permission set with both insert, modify and optionally delete permissions NOT assigned to the filter security.

8. The filter security is inactive until the Starting Date contains a date in the past or today. Furthermore, the filter security is inactive when the field End Date contains a date in the past.
9. If the user for which you have setup a filter security logs out of Business Central and logs in again, the field security is activated.

In Filter Security, records can be hidden based on a filter, as long as a certain event has been added to the page where the security is applied that calls our code. We did that for standard BC pages, out of the box for a lot of pages. If you choose a table in a Filter Security, you can see a field in the header (under “Show more”) that shows the number of pages related to the chosen table. For custom / add-on pages, a piece of customization will have to be added to be able to use the visibility filter on it. Simple customization concerns one event per page with almost the same code.

  • complianceapps/3field_security/5work_with_filter_security_advanced.txt
  • Last modified: 2021/01/27 14:23
  • by luukvm