This is the third part of a blog series related to the Security Development Tool. This time I will walk through the functionalities related to recording of entry points. Also take a note if you first need to install a hotfix to be able to use the recording option.
The security development tool comes with a feature to execute and record business flows in the AX client. Simply said it can record which menu items were accessed while opening some menu items from the main menu and forms. You can use it to record a business flow and then create new privileges, duties and assign access levels to the current selected Role.
Before you start, you have to check if you need a hotfix for Microsoft Dynamics AX 2012 or AX 2012 R2. You can read the announcement of this hotfix, the contents and a link to the download on this page: Security Development Tool for Dynamics AX 2012: Issue with recording entry points
You can use the button Start recording to start executing menu items and form buttons. In this example I selected the role Accounts payable payments clerk and wanted to provide additional insight into open balances from customers on the Collections list page. Also I used the Update aging functionality as people assigned to this role should be able to update the calculated customer due amounts.
Actually you can record about an unlimited number of actions. To keep the overview in this blog I stopped with just opening two menu items. You can stop recording and view all entry points that were recorded. Note that this feature only records menu items in the rich client. The recorded menu items are then marked in the Security development tool form.
You probably have noticed that with just recording two menu items, more items are shown as recorded. This is because the fact boxes on list pages and forms are recorded as well. Now we want to create a new privilege and duty. If a role is selected, you can select all filtered entry points and right click on the recorded entry points grid and choose Set entry point permissions from the popup menu.
Now you can set required access levels and click the button Next.
When you right click on the security role name, it is possible to add a new duty.
You can provide an AOT name, Label and Description. It is possible to enter labels like @NEW1004 which could represent the label or description in multiple languages. You can now create a new privilege similar to the procedure to create a Duty. Select the new Duty and choose New privilege. Then provide similar information as entering the duty information.
To add the entry points with selected access levels, you can open the popup menu and choose the option Apply entry point access levels to selection. The entry points will then be added to the selected privileges.
You can close the Set entry point permissions form and return to the main Security development tool form. You can review the changes.
The Collections node in the tree now has the View icon indicating it now has View access within this role. Eventually you can test the changed role to see if the role now has the functionality required by the business. To do this click the button Open the security test workspace.
It is also possible to record the entry points used in the Enterprise portal. The Security development tool guide on Technet has a good description how to do this. I would simply like to provide you the link to the page containing this information. You can read this part on this page: Record entry points in Microsoft Dynamics AX Enterprise Portal [AX 2012]
When you have recorded a flow of entry points it is possible to save the recordings for future use. You can e.g. reuse the recording in another role or save your work at 5 pm and continue the next day.
To do this, you can use the buttons Save recording and Load recording which are a bit hidden in the action pane. When you save the recording you will have to specify the file name and path to save the trace. It is interesting to know what is in the file. The file format is XML. When you open the file in e.g. Internet explorer, you can view the contents. It is a really easy to understand format.
If you want to learn other tips on the Security Development Tool, look on the Kaya Consulting blog, where there are other blogs on this subject. Also if you found this blog useful, please share it, so others can learn tips about the Security Development Tool.
That’s all for now. Till next time!
[contact-form-7 404 "Not Found"]