security objects
// security levels
var HIDDEN = 1;
var READ_ONLY = 2;
var EDIT = 3;
// object types
var FIELD = 1;
var TAB = 2;
SetPageSecurity();
// Main page security routine
function SetPageSecurity()
{
var formObj = document.all.crmForm;
var formType = formObj.FormType;
// Retrieve user roles and security configuration for the form type.
var userRoles = GetUserRoles();
var securityObjects = GetSecurityObjects(formObj.ObjectTypeName, userRoles);
// loop through returned security objects and set up form security
for ( var i = 0; i < securityObjects.length; i++ ) {
switch( securityObjects[i].objectType ) {
case FIELD:
if ( formType == 4 )
return;
SetFieldSecurity( securityObjects[i] );
break;
case TAB:
SetTabSecurity( securityObjects[i] );
break;
default:
alert( "Unhandled object type in SetPageSecurity()" );
break;
}
}
}
// Configures the form security for fields
function SetFieldSecurity( securityObject )
{
var fieldObj = document.getElementById( securityObject.objectName );
if ( fieldObj != null ) {
switch( securityObject.securityLevel ) {
case EDIT:
SecurityShowField( fieldObj.id, false );
fieldObj.Disabled = false;
break;
case READ_ONLY:
SecurityShowField( fieldObj.id, false );
fieldObj.Disabled = true;
break;
case HIDDEN:
SecurityShowField( fieldObj.id, true );
fieldObj.Disabled = true;
break;
default:
alert( "Unhandled Security Level in SetFieldSecurity." );
break;
}
}
else {
alert( "An error occurred while attempting to set security on " + securityObject.objectName );
}
}
// Configures the form security for tabs
function SetTabSecurity( securityObject )
{
//don't hide tab on quick create
if(crmForm.FormType > 0 && crmForm.FormType == 5)
return;
var tab = document.getElementById( securityObject.objectName );
if ( tab != null ) {
switch( securityObject.securityLevel ) {
case HIDDEN:
tab.style.display = "none";
break;
case EDIT:
case READ_ONLY:
default:
break;
}
}
else
alert( "An error occurred while setting security on " + securityObject.objectName );
}
// Method that displays or hides fields.
function SecurityShowField( fieldName, isHidden )
{
var fieldObjTcLabel = document.getElementById( fieldName + "_d" );
var fieldObjTcControl = document.getElementById( fieldName + "_c" );
if ( isHidden ) {
fieldObjTcLabel.style.display = "none";
fieldObjTcControl.style.display = "none";
}
else {
fieldObjTcLabel.style.display = "inline";
fieldObjTcControl.style.display = "inline";
}
}
// Helper method to return the CRM security roles of a user
function GetUserRoles()
{
// Define SOAP message
var xml =
[
"<?xml version='1.0' encoding='utf-8'?>",
"<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" ",
"xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" ",
"xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">",
GenerateAuthenticationHeader(),
"<soap:Body>",
"<RetrieveMultiple xmlns='http://schemas.microsoft.com/crm/2007/WebServices'>",
"<query xmlns:q1='http://schemas.microsoft.com/crm/2006/Query' ",
"xsi:type='q1:QueryExpression'>",
"<q1:EntityName>role</q1:EntityName>",
"<q1:ColumnSet xsi:type='q1:ColumnSet'>",
"<q1:Attributes><q1:Attribute>name</q1:Attribute></q1:Attributes>",
"</q1:ColumnSet>",
"<q1:Distinct>false</q1:Distinct>",
"<q1:LinkEntities>",
"<q1:LinkEntity>",
"<q1:LinkFromAttributeName>roleid</q1:LinkFromAttributeName>",
"<q1:LinkFromEntityName>role</q1:LinkFromEntityName>",
"<q1:LinkToEntityName>systemuserroles</q1:LinkToEntityName>",
"<q1:LinkToAttributeName>roleid</q1:LinkToAttributeName>",
"<q1:JoinOperator>Inner</q1:JoinOperator>",
"<q1:LinkCriteria>",
"<q1:FilterOperator>And</q1:FilterOperator>",
"<q1:Conditions>",
"<q1:Condition>",
"<q1:AttributeName>systemuserid</q1:AttributeName>",
"<q1:Operator>EqualUserId</q1:Operator>",
"</q1:Condition>",
"</q1:Conditions>",
"</q1:LinkCriteria>",
"</q1:LinkEntity>",
"</q1:LinkEntities>",
"</query>",
"</RetrieveMultiple>",
"</soap:Body>",
"</soap:Envelope>"
].join("");
var resultXml = executeSoapRequest("RetrieveMultiple",xml);
return getMultipleNodeValues(resultXml, "q1:name");
}
// Helper method to custom security objects
function GetSecurityObjects(entity, userRoles)
{
// Define SOAP message
var xml =
[
"<?xml version='1.0' encoding='utf-8'?>",
"<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" ",
"xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" ",
"xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">",
GenerateAuthenticationHeader(),
"<soap:Body>",
"<RetrieveMultiple xmlns=\"http://schemas.microsoft.com/crm/2007/WebServices\">",
"<query xmlns:q1=\"http://schemas.microsoft.com/crm/2006/Query\" xsi:type=\"q1:QueryExpression\">",
"<q1:EntityName>sonoma_securitybehavior</q1:EntityName>",
"<q1:ColumnSet xsi:type=\"q1:AllColumns\" />",
"<q1:Distinct>false</q1:Distinct>",
"<q1:LinkEntities><q1:LinkEntity>",
"<q1:LinkFromAttributeName>sonoma_securitybehaviorid</q1:LinkFromAttributeName>",
"<q1:LinkFromEntityName>sonoma_securitybehavior</q1:LinkFromEntityName>",
"<q1:LinkToEntityName>sonoma_securitybehaviorrole</q1:LinkToEntityName>",
"<q1:LinkToAttributeName>sonoma_securitybehaviorid</q1:LinkToAttributeName>",
"<q1:JoinOperator>Inner</q1:JoinOperator>",
"<q1:LinkCriteria><q1:FilterOperator>And</q1:FilterOperator>",
"<q1:Conditions><q1:Condition>",
"<q1:AttributeName>sonoma_rolename</q1:AttributeName>",
"<q1:Operator>In</q1:Operator>",
"<q1:Values>"
].join("");
for (var i = 0; i < userRoles.length; i++)
{
xml += "<q1:Value xsi:type=\"xsd:string\">" + userRoles[i] + "</q1:Value>"
}
xml +=
[
"</q1:Values></q1:Condition></q1:Conditions>",
"</q1:LinkCriteria></q1:LinkEntity></q1:LinkEntities>",
"<q1:Criteria><q1:FilterOperator>And</q1:FilterOperator>",
"<q1:Conditions><q1:Condition><q1:AttributeName>sonoma_entityname</q1:AttributeName>",
"<q1:Operator>Equal</q1:Operator><q1:Values>",
"<q1:Value xsi:type=\"xsd:string\">",
entity,
"</q1:Value></q1:Values></q1:Condition></q1:Conditions></q1:Criteria>",
"</query>",
"</RetrieveMultiple>",
"</soap:Body>",
"</soap:Envelope>"
].join("");
/*
var xmlHttpRequest = new ActiveXObject("Msxml2.XMLHTTP");
xmlHttpRequest.Open("POST", "/mscrmservices/2007/CrmService.asmx", false);
xmlHttpRequest.setRequestHeader("SOAPAction","http://schemas.microsoft.com/crm/2007/WebServices/RetrieveMultiple");
xmlHttpRequest.setRequestHeader("Content-Type", "text/xml; charset=utf-8");
xmlHttpRequest.setRequestHeader("Content-Length", xml.length);
xmlHttpRequest.send(xml);
var resultXml = xmlHttpRequest.responseXML;
*/
var resultXml = executeSoapRequest("RetrieveMultiple",xml);
var securityObjects = new Array();
if( (resultXml.xml) != null && (resultXml.xml.toString().length) > 0)
{
var objectNodes = resultXml.getElementsByTagName( "BusinessEntity" );
// create an array of SecurityObject objects to deserialize the xml returned from the webservice
for ( var i = 0; i < objectNodes.length; i++ )
{
securityObjects[i] = new SecurityObject();
securityObjects[i].objectName = objectNodes[i].selectSingleNode( "q1:sonoma_targetname" ).text;
securityObjects[i].objectType = Number(objectNodes[i].selectSingleNode( "q1:sonoma_targettype" ).text);
securityObjects[i].securityLevel = Number(objectNodes[i].selectSingleNode( "q1:sonoma_behaviortype" ).text);
}
}
return securityObjects;
}
// SecurityObject properties
function SecurityObject()
{
this.objectName;
this.objectType;
this.securityLevel;
}
// Helper method to execute a SOAP request
function executeSoapRequest(action, xml)
{
var actionUrl = "http://schemas.microsoft.com/crm/2007/WebServices/";
actionUrl += action;
var xmlHttpRequest = new ActiveXObject("Msxml2.XMLHTTP");
xmlHttpRequest.Open("POST", "/mscrmservices/2007/CrmService.asmx", false);
xmlHttpRequest.setRequestHeader("SOAPAction",actionUrl);
xmlHttpRequest.setRequestHeader("Content-Type", "text/xml; charset=utf-8");
xmlHttpRequest.setRequestHeader("Content-Length", xml.length);
xmlHttpRequest.send(xml);
var resultXml = xmlHttpRequest.responseXML;
return resultXml;
}
// Helper method to return a single node value from XML
function getNodeValue(tree, el)
{
var retVal = null;
var e = null;
e = tree.getElementsByTagName(el);
if (e != null && e[0] != null) {
retVal = e[0].firstChild.nodeValue;
}
return retVal;
}
// Helper method to return a multiple node value from XML
function getMultipleNodeValues(tree, el)
{
var retVal = new Array();
var e = null;
e = tree.getElementsByTagName(el);
for(i = 0; i < e.length; i++) {
retVal[i] = e[i].firstChild.nodeValue;
}
return retVal;
}