About Dependencies Between Access Rights
[Applies to: Microsoft Dynamics CRM 2011]
Sometimes, security dependencies exist because it is necessary to have more than one access right to perform a given action. For example, if you have the create access right for accounts, you can create a record of the account entity type. However, unless you also have read access for accounts, you cannot create an account record and be the owner of that new record.
The following table lists the access right dependencies for the actions specified.
Action | Access rights required |
---|---|
To Create a record and be the record owner |
CREATE READ |
To Share a record |
SHARE. This right is required by the person doing the share operation. READ. This right is required by the person doing the share operation and also by the person with whom the record is being shared. |
To Assign a record |
ASSIGN WRITE READ |
To Append To a record |
READ APPENDTO |
To Append a record |
READ APPEND |
Another type of dependency exists when objects are subordinate to another object. For example, the opportunity object cannot exist on its own. Each opportunity is always attached to an account or contact. To create an opportunity, you must have the access right appendto on accounts and the access right append on opportunities.
See Also
Reference
AccessRights
RetrievePrincipalAccessRequest
Concepts
How Record-Based Security Can Be Used to Control Access to Records in Microsoft Dynamics CRM
Other Resources
The Security Model of Microsoft Dynamics CRM
Microsoft Dynamics CRM 2011
Send comments about this topic to Microsoft.
© 2013 Microsoft Corporation. All rights reserved.