Roles and privileges

Hi i need to generate a report to display roles and privileges for a user in the system.

So i took a query added UserInfo & SecurityRole when i run the report i select the user id then based on it i am able to fetch

userID,Username,company name,and status so in addition to this i require user role attached and privileges

Kindly let me know how to do this

Thanks in Advance [:D]

There are many tables related to security in AOT > System Documentation > Tables. For example, mapping between roles and users can be found in SecurityUserRole table.

Thanks Martin … could explain more as inok security user role but how do i get it out to my report

It depends on which data set type you’re using in your report. For example, if the report is based on a query, you’ll have to add the table to the query.

Thanks again …Yes it is based on query and i have added 3 tables 1.) UserInfo under it’s DS i have added 2.) Securityrole under it DS i have added 3.) Security User role… what field in Security user role will give you role & privileges

SecurityUserRole maps users and roles (that’s why it’s name is SecurityUserRole). Mapping between roles and privileges is in SecurityRoleTaskGrant.

Why don’t you look at the Security* tables in AOT? You could have found the answer by yourself.

Thank You Martin for your valuable time … i will try good day sir

If you need to display the Roles and all Privileges for a user, you will need to use more than just the SecurityRoleTaskGrant table …

“The SecurityRoleTaskGrant table contains the list of role to duty mappings and role to privilege mappings as defined by the AOT security role node.”

In other words, it contains only those Privileges that are mapped directly to the Role; it doesn’t contain the Privileges mapped to the Role through a Duty … which is how Privileges should be mapped to Roles.

You can confirm this yourself by running the following simple job: it will display the Role and the Duties assigned to it; no Privileges.
static void Job5(Args _args)
{
SecurityRole securityRole;
SecurityRoleTaskGrant securityRoleTaskGrant;
SecurityTask securityTask;

str60 roleName = “Marketing coordinator”;

while select RecId, Name from securityRole
join RecId, SecurityTask from securityRoleTaskGrant
join RecId, Name from securityTask
order by securityRole.Name, securityTask.Name
where securityRole.Name == roleName
&& securityRoleTaskGrant.SecurityRole == securityRole.RecId
&& securityTask.RecId == securityRoleTaskGrant.SecurityTask
{
info(strFmt(“Security Role: %1; Security Task: %2”, securityRole.Name, securityTask.Name));
}
}

That security elements in AX 2012 are organized in a hierarchy shouldn’t be surprising. If you don’t want to walk through the hierarchy by yourself, query SecurityTaskExplodedGraph instead of SecurityTask.

I have to repeat again - there are several tables related to security; spend a few minutes exploring them.

Thanks Ripi … code works fine could you also possibly write a code also to fetch user id

Output will be USER ID ROLE DUTIES

The code u gave displays role & duties which is wonderful