Out-of-the-box PSA’s Project Manager security role provides complete access to even other Project Managers. But then, what if you want to bring down the access of the Project Managers to their own Projects only?
Remember, access in D365 PSA is provided for Owner (ownerid) field and not Project Manager (msdyn_projectmanager) field.
Now, I don’t want a Project Manager to have access to others Projects and looks like this can’t be controlled from the Security Level perspective, given the Project Manager is a separate field than Owner of the Project.
So, I’ll limit the access to only the User level (the one who created the record would have the access, obviously)
But this remove the access from even the Project Managers since they don’t own the Projects. To overcome this, I’ve written a simple plugin to provide access to the Project Manager whenever they are updated by Sharing and giving PMs the access.
For this, I’ve written a plugin code that will grant all permissions to the Project Manager of that Project and I would like to share this with you all to consume it.
Here’s the GitHub repository I’ve created which has the plugin code and the Unmanaged Solution that contains only the plugin assembly and the registered step –
The D365 Unmanaged Solution resides here –
This will work in the following scenarios –
- When a Project Manager is changed from Person A to Person B, the access rights of Person A will be removed and granted to Person B.
- You can even create a trigger field and use an on-demand workflow to set the trigger. This trigger should be included in the filtering attributes of the plugin step to update the existing records.
This will provide access to the Project Manager of the Project automatically apart from the Owner so that they see/access only Projects that concern them
Make sure no other security role is overriding your restricted access.
Hope this helps! 🙂