I've got a field on an appointment entity - PrivateNotes. I only want to allow the OWNER of the field to be able to read & update this field. So, field security will not suffice.
I googled this question, and found some code that uses PrincipalObjectAttributeAccess to restrict an individual field's security to just the owner, however I can't get the code to work, and I've tried several ways. PrincipalObjectAttributeAccess is new to me, I never heard of it before today.
Here is the simplest version I found:
private void ShareSecureFieldWithOwner(Entity record)
{
// Any method that helps you find the AttributeMetadata Id
var attributeId = FindSecuredAttribute();
if (attributeId != Guid.Empty)
{
var userAccess = new PrincipalObjectAttributeAccess
{
AttributeId = attributeId,
ObjectId = record.ToEntityReference(),
PrincipalId = record.OwnerId,
UpdateAccess = true,
ReadAccess = true
};
context.AddObject(userAccess);
context.SaveChanges();
}
}2 main problems with this:
1. I don't know how I'm going to implement FindSecuredAttribute.
2. It's telling me that I'm missing a reference or assembly, as it doesn't recognise PrincipalObjectAttributeAccess. I'm trying to find what using statement/namespace/reference I need for this, but can't find anything.
Here are the current using statements I have:
using Microsoft.Xrm.Sdk; using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks;
I REALLY don't know what I'm doing here, so I need the simplest explanantion possible!
Thanks.