[Quality Management] [28.x] Enforce rules and restrictions with indirect and implicit permissions#9259
Open
JakovljevicDusan wants to merge 1 commit into
Conversation
… implicit permissions (#8556) ## What & why Implement InherentPermissions so users without QM permissions would not silently skip mandatory Quality Inspection creation or transaction restrictions. Automatic Quality Inspection creation is now handled like this: 1. If there is no Quality Inspection Setup or there is no Generation Rule triggered on specific event, QM code is skipped and user does not need any QM permission set. InherentPermissions for these two tables is used. 2. However, if there is trigger, then user has to have QM permissions. Otherwise, user gets standard permission error, such as this: <img width="561" height="266" alt="image" src="https://github.com/user-attachments/assets/0981f1db-fd75-43c1-9c0a-151181eeec92" /> 3. Minimum is new permission set "QltyMgmt - I. Create"/'Quality Inspection - Create' which grants indirect permissions for creating inspections, without accessing or processing them further. - This permission set grants permission to run creation inspection manually as well, via "Create Quality Inspection" actions. But, due to AccessByPermission, View actions are hidden if user has just that QM permission set. ## Linked work Fixes [AB#626330](https://dynamicssmb2.visualstudio.com/1fcb79e7-ab07-432a-a3c6-6cf5a88ba4a5/_workitems/edit/626330)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What & why
Implement InherentPermissions so users without Quality Management permissions would not silently skip mandatory Quality Inspection creation or transaction restrictions.
Automatic Quality Inspection creation is now handled like this:
If there is no Quality Inspection Setup or there is no Generation Rule triggered on specific event, Quality Management code is skipped, and user does not need any Quality Management permission set. InherentPermissions for these two tables are used.
However, if there is trigger, then user has to have Quality Management permissions. Otherwise, user gets standard permission error, such as this:
Linked work
Fixes AB#641763