If we could define "deny permissions", we can basically set up anything, and circumvent any upgrade situation. Just imagine I was able to create a permissionset, with a deny on the insert, modify,delete of an entity. That way, I can simply use the default permissions, and change it to a read-only for customers in any case, and still facilitate any upgrade, as an update to a default permission sets, will facilitate the new tables, and still deny one ones that I set up in my custom permission set.
Some other scenarios:
- we could simply set up permissionsets with a table0 and then some deny-permissions of the few ones I don't want users to access. This would be much simpler (and more readable) than adding +700 tables to a permissionset.
- If we could apply this "deny" specifically to a read/insert/modify/delete, we could even CHANGE permissionsets, by simply deny a Read and/or Modify and/or Delete and/or Insert .. and of course still facilitate the upgrade.
Just to put in perspective why I think this is necessary: users haven't been able to log into Business Central after an upgrade ...
Comments
I believe this feature was included in the release notes for 2022 Wave 1, until a few days ago that is.
I thought we were FINALLY getting such a feature and now it seems to have just disappeared from the upcoming feature list, also doesn't show up on the 2022 Wave 2 feature list.
Microsoft, please get this feature in asap.
Category: General
I hope it's not THAT long term ;-)
Category: General
Business Central Team (administrator)