Extensible Data Security (XDS) is a feature in D365FO that allows users to enforce role-based security and allow access to tables to be restricted by a policy. You can also say it as record-level security.
In simple words, XDS is placing a Where (In X++) or ON (In SQL) statement on any SQL Select, Update, Delete, or Insert statement done to a table based on parameters from another related table.
D365 Security Policy concept
Let's take an example to get a better understanding of it. I want to secure the VendTable table based on the SysUserInfo and to show only those vendor record that was created by the current user.
Policy query: the AOT query used to secure the constrained table based on the primary table contents
Constrained table: the table given in a security policy from which data is filtered or secured, based on the associated policy query. In the above example, the VendTable table would be the constrained table.
Primary table: Used to secure the content of the related constrained table. In the above example, the SysUserInfo would be the primary table.
Role Context: enables a policy based on the role(s) the user is assigned
Application Context: enables a policy based on information set by the application
Technical demo
AOT Query
Security Policy
Security Role
Build the solution with DB sync and we are done.
Open the environment, create a new user and assign newly created Vendor XDS Role to it.
Log in with this user
We can see the final outcomes that only those vendors' records are showing which were created by the current user.
Happy Learning
Comments
Post a Comment