Today I found one very problematic permission in my opinion:
the permissionset LOGIN contains the permissionset "System Application - Basic" that contains the permissionSet "System Application - Edit"
permissionset 22 "System Application - Edit"
{
Access = Internal;
Assignable = false;
IncludedPermissionSets = "System Application - View",
"Cues and KPIs - Edit",
"Data Classification - Edit",
"Email - Edit",
"Entity Text - Edit",
"Guided Experience - Edit",
"Language - Edit",
"Translation - Edit",
"Word Templates - Edit";
}
There is the "Language - Edit" that includes the following permission:
Permissions = tabledata Language = IMD;
Why in our freaking world does every user with the LOGIN permissions receive the right to delete a Language?
If a Language is deleted, then the method GetLanguageIdOrDefault of the codeunit 43 Language isn't working anymore and e.g. Sales Invoice are printed in the user language and aren't translated anymore.
Additional the permissionSet "Data Classification - Edit" is problematic there, too.
Business Central Team (administrator)
Thank you for this suggestion! Currently this is not on our roadmap. We are tracking this idea and if it gathers more votes and comments we will consider it in the future. Best regards, Business Central Team