/// <summary>
/// Revoke shared access for any entity
/// </summary>
/// <param name="service"></param>
/// <param name="entityReference">Reference to the entity that will have access revoked</param>
/// <param name="principals">Entity Refs for Teams or Users that will be granted permissions </param>
public static void RevokeAccess(this IOrganizationService service, EntityReference entityReference, List <EntityReference> principals)
{
var revokeRequest = new RevokeAccessRequest {
Target = entityReference
};
foreach (EntityReference principalObject in principals)
{
revokeRequest.Revokee = principalObject;
service.Execute(revokeRequest);
}
}
/// <summary>
/// Remove all access to a record for the specified principal.
/// <para>
/// For more information look at https://msdn.microsoft.com/en-us/library/microsoft.crm.sdk.messages.revokeaccessrequest(v=crm.8).aspx
/// </para>
/// </summary>
/// <param name="shareToPrincipal"><see cref="PrincipalType"/></param>
/// <param name="shareToId"></param>
/// <param name="targetEntityLogicalName"></param>
/// <param name="targetId"></param>
/// <returns>
/// <see cref="RevokeAccessResponse"/>
/// </returns>
public RevokeAccessResponse RemoveShare(PrincipalType shareToPrincipal, Guid shareToId, string targetEntityLogicalName, Guid targetId)
{
ExceptionThrow.IfGuidEmpty(shareToId, "shareToId");
ExceptionThrow.IfGuidEmpty(targetId, "targetId");
ExceptionThrow.IfNullOrEmpty(targetEntityLogicalName, "targetEntityLogicalName");
RevokeAccessRequest request = new RevokeAccessRequest()
{
Revokee = new EntityReference(shareToPrincipal.Description(), shareToId),
Target = new EntityReference(targetEntityLogicalName, targetId)
};
return((RevokeAccessResponse)this.OrganizationService.Execute(request));
}
protected override void Execute(CodeActivityContext executionContext)
{
#region "Load CRM Service from context"
Common objCommon = new Common(executionContext);
objCommon.tracingService.Trace("Load CRM Service from context --- OK");
#endregion
#region "Read Parameters"
String _SharingRecordURL = this.SharingRecordURL.Get(executionContext);
if (_SharingRecordURL == null || _SharingRecordURL == "")
{
return;
}
string[] urlParts = _SharingRecordURL.Split("?".ToArray());
string[] urlParams = urlParts[1].Split("&".ToCharArray());
string objectTypeCode = urlParams[0].Replace("etc=", "");
string objectId = urlParams[1].Replace("id=", "");
objCommon.tracingService.Trace("ObjectTypeCode=" + objectTypeCode + "--ParentId=" + objectId);
EntityReference teamReference = this.Team.Get(executionContext);
if (teamReference != null)
{
principals.Add(teamReference);
}
#endregion
#region "ApplyRoutingRuteamReferenceleRequest Execution"
string EntityName = objCommon.sGetEntityNameFromCode(objectTypeCode, objCommon.service);
EntityReference refObject = new EntityReference(EntityName, new Guid(objectId));
RevokeAccessRequest revoqueRequest = new RevokeAccessRequest();
revoqueRequest.Target = refObject;
foreach (EntityReference principalObject in principals)
{
revoqueRequest.Revokee = principalObject;
RevokeAccessResponse revoqueResponse = (RevokeAccessResponse)objCommon.service.Execute(revoqueRequest);
}
objCommon.tracingService.Trace("Revoqued Permissions--- OK");
#endregion
}
public object Put(RevokeAccessRequest request)
{
var account = Dao.FindByEmail(request.AccountEmail);
if (account != null)
{
_commandBus.Send(new UpdateRoleToUserAccount
{
AccountId = account.Id,
RoleName = RoleName.None
});
return(new HttpResult(HttpStatusCode.OK, "OK"));
}
throw new HttpError(HttpStatusCode.BadRequest, "Account not found");
}
private void btnDeleteSharings_Click(object sender, EventArgs e)
{
int revoked = 0;
try
{
var toBeRemoved = sharingDetailsList.Where(x => x.selected).Select(x => x.entity.Id).ToArray();
//for (int i = 0; i < sharingDetailsList.Where(x => x.selected).Count(); i++)
foreach (var sharing in sharingDetailsList.Where(x => x.selected))
{
//var sharing = sharingDetailsList[i];
var revokeAccessRequest = new RevokeAccessRequest
{
Revokee = new EntityReference(sharing.entity.GetAttributeValue <string>("principaltypecode"), sharing.entity.GetAttributeValue <Guid>("principalid")),
Target = new EntityReference(sharing.entity.GetAttributeValue <string>("objecttypecode"), sharing.entity.GetAttributeValue <Guid>("objectid")),
};
this.pvm.controllerManager.serviceClient.Execute(revokeAccessRequest);
revoked++;
}
for (int i = 0; i < toBeRemoved.Count(); i++)
{
sharingDetailsList.Remove(sharingDetailsList.FirstOrDefault(x => x.entity.Id == toBeRemoved[i]));
}
dgvSharingsSource.ResetBindings(false);
}
catch (Exception exception)
{
this.pvm.log.LogData(EventType.Exception, LogAction.SharingsRevoked, exception);
throw;
}
this.pvm.log.LogData(EventType.Event, LogAction.SharingsRevoked);
MessageBox.Show($"You successfully revoked {revoked} sharings.{Environment.NewLine}You may close the this window now.", "Sharings revoked !", MessageBoxButtons.OK,
MessageBoxIcon.Information);
}
//Code to remvove the sharing privileges for the target record and team
private void RevokeAccess(string targetEntityName, Guid targetRecordID, Guid teamID, IOrganizationService orgService)
{
try
{
//Get User or Team reference and Target Entity and record ID that needs to be shared.
var recordRef = new EntityReference(targetEntityName, targetRecordID);
var teamRef = new EntityReference("team", teamID);
var revokeAcess = new RevokeAccessRequest
{
Revokee = teamRef,
Target = recordRef
};
// Execute the Request
orgService.Execute(revokeAcess);
}
catch (Exception ex)
{
throw new Exception("An error occured in Revoking access." + ex.Message);
}
}
public void Run(ServerConnection.Configuration serverConfig,
bool promptforDelete)
{
using (_serviceProxy = new OrganizationServiceProxy(serverConfig.OrganizationUri, serverConfig.HomeRealmUri,serverConfig.Credentials, serverConfig.DeviceCredentials))
{
// This statement is required to enable early bound type support.
_serviceProxy.EnableProxyTypes();
CreateRequiredRecords();
// Retrieve and display the access that the calling user has to the
// created lead.
var leadReference = new EntityReference(Lead.EntityLogicalName, _leadId);
var currentUserReference = new EntityReference(
SystemUser.EntityLogicalName, _currentUserId);
RetrieveAndDisplayPrincipalAccess(leadReference, currentUserReference,
"Current User");
// Retrieve and display the access that the first user has to the
// created lead.
var systemUser1Ref = new EntityReference(SystemUser.EntityLogicalName,
_systemUserIds[0]);
RetrieveAndDisplayPrincipalAccess(leadReference, systemUser1Ref,
"System User 1");
// Grant the first user read access to the created lead.
var grantAccessRequest1 = new GrantAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.ReadAccess,
Principal = systemUser1Ref
},
Target = leadReference
};
Console.WriteLine("Granting {0} to {1} ({2}) on the lead...\r\n",
AccessRights.ReadAccess, GetEntityReferenceString(systemUser1Ref), "System User 1");
_serviceProxy.Execute(grantAccessRequest1);
// Retrieve and display access information for the lead.
RetrieveAndDisplayPrincipalAccess(leadReference, systemUser1Ref,
"System User 1");
RetrieveAndDisplayLeadAccess(leadReference);
//<snippetUserAccess1>
// Grant the team read/write access to the lead.
var teamReference = new EntityReference(Team.EntityLogicalName, _teamId);
var grantAccessRequest = new GrantAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.ReadAccess | AccessRights.WriteAccess,
Principal = teamReference
},
Target = leadReference
};
Console.WriteLine("Granting {0} to {1} ({2}) on the lead...\r\n",
AccessRights.ReadAccess | AccessRights.WriteAccess, GetEntityReferenceString(teamReference), "Team");
_serviceProxy.Execute(grantAccessRequest);
var systemUser2Ref = new EntityReference(SystemUser.EntityLogicalName,
_systemUserIds[1]);
//</snippetUserAccess1>
// Retrieve and display access information for the lead and system user 2.
RetrieveAndDisplayPrincipalAccess(leadReference, systemUser2Ref,
"System User 2");
RetrieveAndDisplayLeadAccess(leadReference);
//<snippetUserAccess2>
// Grant the first user delete access to the lead.
var modifyUser1AccessReq = new ModifyAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.DeleteAccess,
Principal = systemUser1Ref
},
Target = leadReference
};
Console.WriteLine("Granting delete access to {0} on the lead...\r\n",
GetEntityReferenceString(systemUser1Ref));
_serviceProxy.Execute(modifyUser1AccessReq);
//</snippetUserAccess2>
// Retrieve and display access information for the lead.
RetrieveAndDisplayLeadAccess(leadReference);
//<snippetUserAccess3>
// Revoke access to the lead for the second user.
var revokeUser2AccessReq = new RevokeAccessRequest
{
Revokee = systemUser2Ref,
Target = leadReference
};
Console.WriteLine("Revoking access to the lead for {0}...\r\n",
GetEntityReferenceString(systemUser2Ref));
_serviceProxy.Execute(revokeUser2AccessReq);
//</snippetUserAccess3>
// Retrieve and display access information for the lead.
RetrieveAndDisplayPrincipalAccess(leadReference, systemUser2Ref,
"System User 2");
RetrieveAndDisplayLeadAccess(leadReference);
DeleteRequiredRecords(promptforDelete);
}
}
/// <summary>
/// Demonstrates sharing records by exercising various access messages including:
/// Grant, Modify, Revoke, RetrievePrincipalAccess, and
/// RetrievePrincipalsAndAccess.
/// </summary>
/// <param name="serverConfig">Contains server connection information.</param>
/// <param name="promptforDelete">When True, the user will be prompted to delete all
/// created entities.</param>
public void Run(ServerConnection.Configuration serverConfig, bool promptforDelete)
{
try
{
// Connect to the Organization service.
// The using statement assures that the service proxy will be properly disposed.
using (_serviceProxy = new OrganizationServiceProxy(serverConfig.OrganizationUri, serverConfig.HomeRealmUri, serverConfig.Credentials, serverConfig.DeviceCredentials))
{
// This statement is required to enable early-bound type support.
_serviceProxy.EnableProxyTypes();
_service = (IOrganizationService)_serviceProxy;
CreateRequiredRecords();
#region GrantAccess Message
// Create the request object and set the target and principal access
// object.
GrantAccessRequest grantRequest = new GrantAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, _accountId),
PrincipalAccess = new PrincipalAccess()
{
Principal = new EntityReference(SystemUser.EntityLogicalName, _userId),
AccessMask = AccessRights.WriteAccess | AccessRights.ReadAccess | AccessRights.ShareAccess
}
};
// Execute the request.
GrantAccessResponse grantResponse =
(GrantAccessResponse)_service.Execute(grantRequest);
Console.Write("Access Granted ");
#endregion
#region ModifyAccess Message
// Create the request object and set the target and principal access
// object.
ModifyAccessRequest modifyRequest = new ModifyAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, _accountId),
PrincipalAccess = new PrincipalAccess()
{
Principal = new EntityReference(SystemUser.EntityLogicalName, _userId),
AccessMask = AccessRights.ReadAccess | AccessRights.ShareAccess
}
};
// Execute the request.
ModifyAccessResponse modifyResponse =
(ModifyAccessResponse)_service.Execute(modifyRequest);
Console.Write("and Modified. ");
#endregion
#region RetrievePrincipalAccess Message
// Create the request object and set the target and principal.
RetrievePrincipalAccessRequest retrieveRequest = new RetrievePrincipalAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, _accountId),
Principal = new EntityReference(SystemUser.EntityLogicalName, _userId)
};
// Execute the request.
RetrievePrincipalAccessResponse retrieveResponse =
(RetrievePrincipalAccessResponse)_service.Execute(retrieveRequest);
Console.Write("Retrieved principal access. ");
#endregion
#region RetrieveSharedPrincipalsAndAccess Message
// Create the request object and set the target.
RetrieveSharedPrincipalsAndAccessRequest retrieveSharedRequest =
new RetrieveSharedPrincipalsAndAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, _accountId)
};
// Execute the request.
RetrieveSharedPrincipalsAndAccessResponse retrieveSharedResponse =
(RetrieveSharedPrincipalsAndAccessResponse)_service.Execute(retrieveSharedRequest);
Console.Write("Retrieved principals and access. ");
#endregion
#region RevokeAccess Message
// Create the request object and set the target and revokee.
RevokeAccessRequest revokeRequest = new RevokeAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, _accountId),
Revokee = new EntityReference(SystemUser.EntityLogicalName, _userId)
};
// Execute the request.
RevokeAccessResponse revokeResponse =
(RevokeAccessResponse)_service.Execute(revokeRequest);
Console.Write("Revoked Access.");
#endregion
DeleteRequiredRecords(promptforDelete);
}
}
// Catch any service fault exceptions that Microsoft Dynamics CRM throws.
catch (FaultException <Microsoft.Xrm.Sdk.OrganizationServiceFault> )
{
// You can handle an exception here or pass it back to the calling method.
throw;
}
}
public void Run(ServerConnection.Configuration serverConfig,
bool promptforDelete)
{
using (_serviceProxy = ServerConnection.GetOrganizationProxy(serverConfig))
{
// This statement is required to enable early bound type support.
_serviceProxy.EnableProxyTypes();
CreateRequiredRecords();
// Retrieve and display the access that the calling user has to the
// created lead.
var leadReference = new EntityReference(Lead.EntityLogicalName, _leadId);
var currentUserReference = new EntityReference(
SystemUser.EntityLogicalName, _currentUserId);
RetrieveAndDisplayPrincipalAccess(leadReference, currentUserReference,
"Current User");
// Retrieve and display the access that the first user has to the
// created lead.
var systemUser1Ref = new EntityReference(SystemUser.EntityLogicalName,
_systemUserIds[0]);
RetrieveAndDisplayPrincipalAccess(leadReference, systemUser1Ref,
"System User 1");
// Grant the first user read access to the created lead.
var grantAccessRequest1 = new GrantAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.ReadAccess,
Principal = systemUser1Ref
},
Target = leadReference
};
Console.WriteLine("Granting {0} to {1} ({2}) on the lead...\r\n",
AccessRights.ReadAccess, GetEntityReferenceString(systemUser1Ref), "System User 1");
_serviceProxy.Execute(grantAccessRequest1);
// Retrieve and display access information for the lead.
RetrieveAndDisplayPrincipalAccess(leadReference, systemUser1Ref,
"System User 1");
RetrieveAndDisplayLeadAccess(leadReference);
//<snippetUserAccess1>
// Grant the team read/write access to the lead.
var teamReference = new EntityReference(Team.EntityLogicalName, _teamId);
var grantAccessRequest = new GrantAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.ReadAccess | AccessRights.WriteAccess,
Principal = teamReference
},
Target = leadReference
};
Console.WriteLine("Granting {0} to {1} ({2}) on the lead...\r\n",
AccessRights.ReadAccess | AccessRights.WriteAccess, GetEntityReferenceString(teamReference), "Team");
_serviceProxy.Execute(grantAccessRequest);
var systemUser2Ref = new EntityReference(SystemUser.EntityLogicalName,
_systemUserIds[1]);
//</snippetUserAccess1>
// Retrieve and display access information for the lead and system user 2.
RetrieveAndDisplayPrincipalAccess(leadReference, systemUser2Ref,
"System User 2");
RetrieveAndDisplayLeadAccess(leadReference);
//<snippetUserAccess2>
// Grant the first user delete access to the lead.
var modifyUser1AccessReq = new ModifyAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.DeleteAccess,
Principal = systemUser1Ref
},
Target = leadReference
};
Console.WriteLine("Granting delete access to {0} on the lead...\r\n",
GetEntityReferenceString(systemUser1Ref));
_serviceProxy.Execute(modifyUser1AccessReq);
//</snippetUserAccess2>
// Retrieve and display access information for the lead.
RetrieveAndDisplayLeadAccess(leadReference);
//<snippetUserAccess3>
// Revoke access to the lead for the second user.
var revokeUser2AccessReq = new RevokeAccessRequest
{
Revokee = systemUser2Ref,
Target = leadReference
};
Console.WriteLine("Revoking access to the lead for {0}...\r\n",
GetEntityReferenceString(systemUser2Ref));
_serviceProxy.Execute(revokeUser2AccessReq);
//</snippetUserAccess3>
// Retrieve and display access information for the lead.
RetrieveAndDisplayPrincipalAccess(leadReference, systemUser2Ref,
"System User 2");
RetrieveAndDisplayLeadAccess(leadReference);
DeleteRequiredRecords(promptforDelete);
}
}
public void Entity_Revoked_Access_Does_Not_Have_Access_Multiple_Users()
{
var context = new XrmFakedContext();
var contact = new Contact {
Id = Guid.NewGuid()
};
var user1 = new SystemUser {
Id = Guid.NewGuid()
};
var user2 = new SystemUser {
Id = Guid.NewGuid()
};
context.Initialize(new List <Entity>
{
contact, user1, user2
});
var service = context.GetFakedOrganizationService();
GrantAccessRequest gar = new GrantAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.ReadAccess,
Principal = user1.ToEntityReference()
},
Target = contact.ToEntityReference()
};
service.Execute(gar);
gar = new GrantAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.ReadAccess | AccessRights.WriteAccess | AccessRights.DeleteAccess | AccessRights.CreateAccess,
Principal = user2.ToEntityReference()
},
Target = contact.ToEntityReference()
};
service.Execute(gar);
RetrievePrincipalAccessRequest rpar = new RetrievePrincipalAccessRequest
{
Target = contact.ToEntityReference(),
Principal = user1.ToEntityReference()
};
RetrievePrincipalAccessResponse rpaResp = (RetrievePrincipalAccessResponse)service.Execute(rpar);
Assert.NotEqual(AccessRights.None, rpaResp.AccessRights);
Assert.True(rpaResp.AccessRights.HasFlag(AccessRights.ReadAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.AppendAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.AppendToAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.AssignAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.CreateAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.DeleteAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.ShareAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.WriteAccess));
rpar = new RetrievePrincipalAccessRequest
{
Target = contact.ToEntityReference(),
Principal = user2.ToEntityReference()
};
rpaResp = (RetrievePrincipalAccessResponse)service.Execute(rpar);
Assert.NotEqual(AccessRights.None, rpaResp.AccessRights);
Assert.True(rpaResp.AccessRights.HasFlag(AccessRights.ReadAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.AppendAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.AppendToAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.AssignAccess));
Assert.True(rpaResp.AccessRights.HasFlag(AccessRights.CreateAccess));
Assert.True(rpaResp.AccessRights.HasFlag(AccessRights.DeleteAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.ShareAccess));
Assert.True(rpaResp.AccessRights.HasFlag(AccessRights.WriteAccess));
RevokeAccessRequest rar = new RevokeAccessRequest
{
Target = contact.ToEntityReference(),
Revokee = user1.ToEntityReference()
};
service.Execute(rar);
rpar = new RetrievePrincipalAccessRequest
{
Target = contact.ToEntityReference(),
Principal = user1.ToEntityReference()
};
rpaResp = (RetrievePrincipalAccessResponse)service.Execute(rpar);
Assert.Equal(AccessRights.None, rpaResp.AccessRights);
rpar = new RetrievePrincipalAccessRequest
{
Target = contact.ToEntityReference(),
Principal = user2.ToEntityReference()
};
rpaResp = (RetrievePrincipalAccessResponse)service.Execute(rpar);
Assert.NotEqual(AccessRights.None, rpaResp.AccessRights);
Assert.True(rpaResp.AccessRights.HasFlag(AccessRights.ReadAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.AppendAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.AppendToAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.AssignAccess));
Assert.True(rpaResp.AccessRights.HasFlag(AccessRights.CreateAccess));
Assert.True(rpaResp.AccessRights.HasFlag(AccessRights.DeleteAccess));
Assert.False(rpaResp.AccessRights.HasFlag(AccessRights.ShareAccess));
Assert.True(rpaResp.AccessRights.HasFlag(AccessRights.WriteAccess));
}
[STAThread] // Added to support UX
static void Main(string[] args)
{
CrmServiceClient service = null;
try
{
service = SampleHelpers.Connect("Connect");
if (service.IsReady)
{
#region Sample Code
//////////////////////////////////////////////
#region Set up
SetUpSample(service);
#endregion Set up
#region Demonstrate
// Retrieve and display the access that the calling user has to the
// created lead.
var accountReference = new EntityReference(Account.EntityLogicalName, _accountId);
var currentUserReference = new EntityReference(
SystemUser.EntityLogicalName, _currentUserId);
RetrieveAndDisplayPrincipalAccess(service, accountReference, currentUserReference,
"Current User");
// Retrieve and display the access that the first user has to the
// created lead.
var systemUser1Ref = new EntityReference(SystemUser.EntityLogicalName,
_systemUserIds[0]);
RetrieveAndDisplayPrincipalAccess(service, accountReference, systemUser1Ref,
"System User 1");
// Grant the first user read access to the created lead.
var grantAccessRequest1 = new GrantAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.ReadAccess,
Principal = systemUser1Ref
},
Target = accountReference
};
Console.WriteLine("Granting {0} to {1} ({2}) on the lead...\r\n",
AccessRights.ReadAccess, GetEntityReferenceString(service, systemUser1Ref), "System User 1");
service.Execute(grantAccessRequest1);
// Retrieve and display access information for the lead.
RetrieveAndDisplayPrincipalAccess(service, accountReference, systemUser1Ref,
"System User 1");
RetrieveAndDisplayAccountAccess(service, accountReference);
// Grant the team read/write access to the lead.
var teamReference = new EntityReference(Team.EntityLogicalName, _teamId);
var grantAccessRequest = new GrantAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.ReadAccess | AccessRights.WriteAccess,
Principal = teamReference
},
Target = accountReference
};
Console.WriteLine("Granting {0} to {1} ({2}) on the lead...\r\n",
AccessRights.ReadAccess | AccessRights.WriteAccess, GetEntityReferenceString(service, teamReference), "Team");
service.Execute(grantAccessRequest);
var systemUser2Ref = new EntityReference(SystemUser.EntityLogicalName,
_systemUserIds[1]);
// Retrieve and display access information for the lead and system user 2.
RetrieveAndDisplayPrincipalAccess(service, accountReference, systemUser2Ref,
"System User 2");
RetrieveAndDisplayAccountAccess(service, accountReference);
// Grant the first user delete access to the lead.
var modifyUser1AccessReq = new ModifyAccessRequest
{
PrincipalAccess = new PrincipalAccess
{
AccessMask = AccessRights.DeleteAccess,
Principal = systemUser1Ref
},
Target = accountReference
};
Console.WriteLine("Granting delete access to {0} on the account...\r\n",
GetEntityReferenceString(service, systemUser1Ref));
service.Execute(modifyUser1AccessReq);
// Retrieve and display access information for the lead.
RetrieveAndDisplayAccountAccess(service, accountReference);
// Revoke access to the lead for the second user.
var revokeUser2AccessReq = new RevokeAccessRequest
{
Revokee = systemUser2Ref,
Target = accountReference
};
Console.WriteLine("Revoking access to the lead for {0}...\r\n",
GetEntityReferenceString(service, systemUser2Ref));
service.Execute(revokeUser2AccessReq);
// Retrieve and display access information for the lead.
RetrieveAndDisplayPrincipalAccess(service, accountReference, systemUser2Ref,
"System User 2");
RetrieveAndDisplayAccountAccess(service, accountReference);
#region Clean up
CleanUpSample(service);
#endregion Clean up
}
#endregion Demonstrate
else
{
const string UNABLE_TO_LOGIN_ERROR = "Unable to Login to Common Data Service";
if (service.LastCrmError.Equals(UNABLE_TO_LOGIN_ERROR))
{
Console.WriteLine("Check the connection string values in cds/App.config.");
throw new Exception(service.LastCrmError);
}
else
{
throw service.LastCrmException;
}
}
}
#endregion Sample Code
catch (Exception ex)
{
SampleHelpers.HandleException(ex);
}
finally
{
if (service != null)
{
service.Dispose();
}
Console.WriteLine("Press <Enter> to exit.");
Console.ReadLine();
}
}
/// <summary>
/// Demonstrates sharing records by exercising various access messages including:
/// Grant, Modify, Revoke, RetrievePrincipalAccess, and
/// RetrievePrincipalsAndAccess.
/// </summary>
/// <param name="serverConfig">Contains server connection information.</param>
/// <param name="promptforDelete">When True, the user will be prompted to delete all
/// created entities.</param>
public void Run(ServerConnection.Configuration serverConfig, bool promptforDelete)
{
try
{
//<snippetSharingRecords1>
// Connect to the Organization service.
// The using statement assures that the service proxy will be properly disposed.
using (_serviceProxy = new OrganizationServiceProxy(serverConfig.OrganizationUri, serverConfig.HomeRealmUri,serverConfig.Credentials, serverConfig.DeviceCredentials))
{
// This statement is required to enable early-bound type support.
_serviceProxy.EnableProxyTypes();
_service = (IOrganizationService)_serviceProxy;
CreateRequiredRecords();
#region GrantAccess Message
// Create the request object and set the target and principal access
// object.
GrantAccessRequest grantRequest = new GrantAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, _accountId),
PrincipalAccess = new PrincipalAccess()
{
Principal = new EntityReference(SystemUser.EntityLogicalName, _userId),
AccessMask = AccessRights.WriteAccess | AccessRights.ReadAccess | AccessRights.ShareAccess
}
};
// Execute the request.
GrantAccessResponse grantResponse =
(GrantAccessResponse)_service.Execute(grantRequest);
Console.Write("Access Granted ");
#endregion
#region ModifyAccess Message
// Create the request object and set the target and principal access
// object.
ModifyAccessRequest modifyRequest = new ModifyAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, _accountId),
PrincipalAccess = new PrincipalAccess()
{
Principal = new EntityReference(SystemUser.EntityLogicalName, _userId),
AccessMask = AccessRights.ReadAccess | AccessRights.ShareAccess
}
};
// Execute the request.
ModifyAccessResponse modifyResponse =
(ModifyAccessResponse)_service.Execute(modifyRequest);
Console.Write("and Modified. ");
#endregion
#region RetrievePrincipalAccess Message
// Create the request object and set the target and principal.
RetrievePrincipalAccessRequest retrieveRequest = new RetrievePrincipalAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, _accountId),
Principal = new EntityReference(SystemUser.EntityLogicalName, _userId)
};
// Execute the request.
RetrievePrincipalAccessResponse retrieveResponse =
(RetrievePrincipalAccessResponse)_service.Execute(retrieveRequest);
Console.Write("Retrieved principal access. ");
#endregion
#region RetrieveSharedPrincipalsAndAccess Message
// Create the request object and set the target.
RetrieveSharedPrincipalsAndAccessRequest retrieveSharedRequest =
new RetrieveSharedPrincipalsAndAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, _accountId)
};
// Execute the request.
RetrieveSharedPrincipalsAndAccessResponse retrieveSharedResponse =
(RetrieveSharedPrincipalsAndAccessResponse)_service.Execute(retrieveSharedRequest);
Console.Write("Retrieved principals and access. ");
#endregion
#region RevokeAccess Message
// Create the request object and set the target and revokee.
RevokeAccessRequest revokeRequest = new RevokeAccessRequest()
{
Target = new EntityReference(Account.EntityLogicalName, _accountId),
Revokee = new EntityReference(SystemUser.EntityLogicalName, _userId)
};
// Execute the request.
RevokeAccessResponse revokeResponse =
(RevokeAccessResponse)_service.Execute(revokeRequest);
Console.Write("Revoked Access.");
#endregion
DeleteRequiredRecords(promptforDelete);
}
//</snippetSharingRecords1>
}
// Catch any service fault exceptions that Microsoft Dynamics CRM throws.
catch (FaultException<Microsoft.Xrm.Sdk.OrganizationServiceFault>)
{
// You can handle an exception here or pass it back to the calling method.
throw;
}
}
