Share via

Assign a Custom Role to a User

  • Article

This sample assigns a custom security role to a user.

Class Reference

Schema Reference

  • role.xsd

Example

[C#]

public void AssignCustomRole()
{
   // strServer should be set with the name of the platform Web server
   String strServer = "MyServerName";

   // strVirtualDirectory should be set with the name of the Microsoft CRM
   // virtual directory on the platform Web server
   String strVirtualDirectory = "mscrmservices";

   // Create the URL to the SRF files for platform objects
   String strDir = String.Concat("https://", strServer, "/",
                                 strVirtualDirectory, "/");

   // BizUser proxy object
   Microsoft.Crm.Platform.Proxy.BizUser bizUser 
               = new Microsoft.Crm.Platform.Proxy.BizUser ();
   bizUser.Credentials = System.Net.CredentialCache.DefaultCredentials;
   bizUser.Url = String.Concat(strDir, "BizUser.srf");

   // SecRole proxy object
   Microsoft.Crm.Platform.Proxy.SecRole secRole 
               = new Microsoft.Crm.Platform.Proxy.SecRole ();
   secRole.Credentials = System.Net.CredentialCache.DefaultCredentials;
   secRole.Url = String.Concat(strDir, "SecRole.srf");

   String strErrorMsg;
   try
   {
      // Get the UserAuth of the currently logged on user
      Microsoft.Crm.Platform.Proxy.CUserAuth userAuth = bizUser.WhoAmI();

      // Build a role XML string in the business unit of the caller
      // Name of the role should be unique in an organization
      StringBuilder secRoleXml = new StringBuilder("<role>");
      secRoleXml.Append("<name>Sales Assistant</name><businessunitid>");
      secRoleXml.Append(userAuth.MerchantId.ToString());
      secRoleXml.Append("</businessunitid></role>");

      // Array for role IDs
      String[] roleIds = new String[1];

      // Create a custom role
      roleIds[0] = secRole.Create(userAuth, secRoleXml.ToString()); 

      // Array for privilege IDs
      Microsoft.Crm.Platform.Proxy.CRolePrivilege[] privilegeIds 
                  = new Microsoft.Crm.Platform.Proxy.CRolePrivilege[2];

      // Get a couple of privileges to be added to this role
      privilegeIds[0] 
               = new Microsoft.Crm.Platform.Proxy.CRolePrivilege();
      privilegeIds[1] 
               = new Microsoft.Crm.Platform.Proxy.CRolePrivilege();

      // Users can create accounts (BASIC)
      privilegeIds[0].PrivilegeId 
               = "{D26FE964-230B-42DD-AD93-5CC879DE411E}"; 
      privilegeIds[0].Depth 
               = Microsoft.Crm.Platform.Proxy.PRIVILEGE_DEPTH.BASIC;
      
      // Users can read accounts (BASIC)
      privilegeIds[1].PrivilegeId 
               = "{886B280C-6396-4D56-A0A3-2C1B0A50CEB0}";   
      privilegeIds[1].Depth 
               = Microsoft.Crm.Platform.Proxy.PRIVILEGE_DEPTH.BASIC;

      // Add a couple of privileges to the role
      secRole.AddPrivileges(userAuth, roleIds[0], privilegeIds);

      // Assign the custom role to the caller user
      secRole.AssignUserRoles(userAuth, userAuth.UserId, roleIds);
   }
   catch (System.Web.Services.Protocols.SoapException err)
   {
      // Process the platform error here
      strErrorMsg = String.Concat("ErrorMessage: ", err.Message, " ",
                      err.Detail.OuterXml, " Source: ", err.Source);
   }
}

© 2005 Microsoft Corporation. All rights reserved.