In ribbon button customization, it is a common scenario to show the button only to a certain set of users who have a certain security role.
Security Role Scenario
- Let’s assume Subscription Manager is a security role in your Dynamics 365.
- And the Ribbon button will only be visible to the Users who have been assigned this Security Role.
- If they have this Role, they’ll be able to see the button as below
- And, if the Role is not assigned, the logged In user won’t be able to see the Button.
- See below that in this case, the button will not show up.
Tip: Make sure you now pass the PrimaryControl (context) to any JS functions and avoid using Xrm.Page since the same has been deprecated.
- Hard-code the GUID of the Security Role which you are looking to check.
- Then read all the Security Roles assigned to the user.
- Once the Security Roles are found in the logged in User’s Security Role, return true. Else, return false.
Ribbon Button – Enable Rule
Let’s see how the button customization will look like in XrmToolBox’s Ribbon Customization –
- In Ribbon Workbench, you need to add a CustomRule under Enable Rules for the Ribbon button.
Also, pass the context PrimaryControl and using the same, pick the Security Roles of the logged in user as mentioned in the JS code explanation above.
I’m naming my Enable Rule as SecurityRoleCheck.
Now, the CustomRule I’ve applied will call the JS function and is expected to receive either a true or a false based on the code. If false – the button will not be enabled, if true – the button will be enabled.
- Now, make sure you add this Enable Rule to the Command (which is in-turn attached to the Ribbon Button itself)
Hope this was helpful. Here are some more XrmTool / Ribbon Button customization related posts you might find helpful –
- Ribbon button visibility based on a field value in Dynamics 365 | Ribbon Workbench
- Get GUID of the current View in Dynamics 365 CRM JS from ribbon button | Ribbon Workbench
- Pass Execution Context to JS Script function as a parameter from a Ribbon button in Dynamics 365 | Ribbon Workbench
- Pass selected rows’ GUIDs to ribbon button in D365 | Ribbon Workbench
- Debug Ribbon button customization using Command Checker in Dynamics 365 CE Unified Interface
- Show Ribbon button only on record selection in Dynamics CRM
- Hide Custom Ribbon Button [Easy Way] – Ribbon Workbench
- Enable Flow button on D365 Ribbon
- [SOLVED] Navigating URL from Ribbon’s custom button in Dynamics for Phones app
- Fix Ribbon icons on the Unified Interface in D365 CE
- Connecting XrmToolBox to an MFA enabled Dynamics 365 environment | Azure AD
- Find deprecated JS code used in your Dynamics 365 environment | Dynamics 365 v9 JS Validator tool | XrmToolBox
8 thoughts on “Show custom ribbon button based on Security Role of the logged in User in Dynamics 365 | Ribbon Workbench in XrmToolbox”
Hard coding the GUID of the role is a bad practice since it changes depending on the business unit the user is on. I would rather hard code the name of the role
Yes, agreed. Rather have it on the name of the Security Role, retrieve it and then use that GUID.
Don’t need the guid. Use roles.getAll() instead of securityRoles in usersettings and you will get a collection of rôles with their Id AND name
I have followed the steps you indicate, but when the button is visible can’t be click. Do you know what it could be, or how can I fix it?
Hi, can you make sure that the Command is attached to the button? If that’s missing, the button won’t show up.
Yes, the Command is attached to the button. When I logged with the user role, it’s hidden correctly, but with a different user (without the user role), the button is visible like “view mode”. I can not click on it.
thanks for putting this together. I implemented it recently and came across an issue.
People which havent the designated security role assigned do randomly see the buttons, Once I refresh they disappear again, when I navigate back and forth the button some times show up and some times not.
I have changed the Default value to false at the CustomRule, that has fixed the issue but now people with the right security role often have to hit F5 in order to see the buttons.
Do you have any idea on how to fix this?
Thanks in advance!
Oh! This is strange. Does this happen on a different browser too?
Also, can you try to Invert the actual logic and then Invert = true?