Permissions and Permission Sets – basic info
Anything a user can or cannot do is governed by Permissions assigned to that user.
Permissions are gathered into “Permission Sets” and assigned to a user on the “Business Central” user card.
The “ultimate” set is the “SUPER”. It has no restrictions.
“SUPER” users can do absolutely everything in the system (given, of course, that they also have a FULL license).
A company should only have 1-2 people with that kind of power.
The rest of the users are assigned different sets that allow some things and restrict others.
Navigate to “permission sets” page to see them all. Some are from Microsoft, but PrintVis has also created a few “starter” sets that can be tweaked later, based on specific requirements.
* Some updates from Microsoft may affect the permissions!
If an update happened and users complain they cannot do certain things or are getting some interesting error messages, check the permissions - they may need some adjustment!
A typical set has quite a lot of permissions. Select a set and click “Permissions”:
There are different kinds of permissions:
We usually use “Table Data”, “Table” and “Page”.
For each permission, we identify whether a user can read, insert, modify or delete the data.
Some permissions may allow users to only see the data, but not edit or delete.
Some may allow editing but not deletion.
In a lot of cases, we assign multiple permission to a user.
For example, there may be a “Basic” set of permissions that everyone gets and then a few more specific sets - tailored for a specific user task.
Example from the live system:
Managing permissions is a huge task, but if done correctly it is a great user management tool.
It is recommended that a company creates task tables, which can then be mapped to specific permissions.
Extra info: sometimes permissions can be “recorded”.
That means we can pick an experienced user, ask them to perform a specific task and start recording.
As the user opens and closes the pages and adds / edits / deletes the data in the fields, each corresponding permission and action gets recorded and saved into a “set”.