I am working on a CRM extension which will use its own database. On this database I need
* row security (no access, access only own data, access organization data)
* field security (no access, read access, write access)
Ideally, I would use something very similar to Dynamics CRM and simply synchronizing the security roles and privileges from the CRM database to my DB. I see that they have tables for the roles, privileges, etc. My question is, how are they implementing the security? It seems this happens through the "filtered views". Are these dynamically created and only contains the columns to which a user has access to? How do they control that a value can be read but not written?
Further to the above, will this approach work with Entity Framework which is being used in my project? With EF there are classes generated based on the tables and/or views but how does this work with filtered views?