impersonation and access field RRS feed

  • Question

  • Hello All,

    I created a custom entity, say abc. It has a field, "Password" in it ( single line of text ).

    I created a custom workflow activity, which is reading this password field.

    The requirement is that : I want the data in password field should be shown only to system administrators and other users can not see it ( but they should be able to read it in workflow activity ).

    Try 1 : I enabled field security on password field, created a field security profile and gave No access ( Read, write, update ) to all users other than system administrators. This hides the data in Password field and it is shown as ******, but on the other hand, i can not able to access password in my workflow activity.

    Try 2 : I tried impersonation using context.UserId and context.initiatingUserId Both.

    Please guide how to achieve this functionality.

    Its urgent and high level priority.

    Tanu Goyal

    Thursday, May 29, 2014 5:25 AM

All replies

  • Hello,

    You can try to share your field for System user - http://mscrmtools.blogspot.ru/2012/12/create-truly-personal-field-with-field.html in behalf of which workflow are being executed.

    Dynamics CRM MVP/ Technical Evangelist at SlickData LLC
    My blog

    Thursday, May 29, 2014 6:28 AM
  • Try Pre Operation Retrieve plugin. In the retrieve plugin, check if the user is not an admin, remove the field from the entity's attribute collection. That way, it won't be passed to the user.

    In your update (or whichever) plugin, if the user is admin, retrieve that field.

    This way, your field becomes secured even if someone tries to access the entity using API calls.

    • Proposed as answer by Ahmad Pirani Thursday, May 29, 2014 6:13 PM
    Thursday, May 29, 2014 6:12 PM