In testing Row-level Security to restrict users from accessing certain Customers and their related transactions, I found that if you attach any files to a Customer’s transactions those files are visible and accessible via Search for users who are actually restricted from those Customers. Even though the restricted users can’t see or access the Customer and their transactions they can see all file attachments to those Customers and transactions that are restricted.The only way I can tell to address this hole is to restrict access to the File Maintenance screen to all users and hope that plugs the hole and doesn’t restrict them from adding attachments to records. Testing will hopefully produce results in our favor.Anyone run into this before and have a strong understanding on how to work with it so that attachments follow the same Row-level Restrictions as the Entities and Records they are attached to?
When will the customization package be available for the Point of Sale module for 2021 R2?
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.