ModifyAccess Message (CrmService)

Article
06/04/2015
3 minutes to read

[Applies to: Microsoft Dynamics CRM 4.0]

Find the latest SDK documentation: CRM 2015 SDK

Works for all deployment types

Works online only

Replaces the access rights on the target entity instance for the specified security principal (user or team).

The relevant classes are specified in the following table.

Type	Class
Request	ModifyAccessRequest
Response	ModifyAccessResponse
Target	TargetOwned Class
Entity	See below.

The following table shows the entities and target classes for this message.

Entity	Target Class
account	TargetOwnedAccount
annotation	TargetOwnedannotation
appointment	TargetOwnedAppointment
asyncoperation	TargetOwnedAsyncOperation
campaign	TargetOwnedCampaign
campaignactivity	TargetOwnedCampaignActivity
campaignresponse	TargetOwnedCampaignResponse
contact	TargetOwnedContact
contract	TargetOwnedContract
customeropportunityrole	TargetOwnedCustomerOpportunityRole
customerrelationship	TargetOwnedCustomerRelationship
duplicaterule	TargetOwnedDuplicateRule
DynamicEntity	TargetOwnedDynamic
email	TargetOwnedEmail
fax	TargetOwnedFax
incident	TargetOwnedIncident
incidentresolution	TargetCreateIncidentResolution
invoice	TargetOwnedInvoice
lead	TargetOwnedLead
letter	TargetOwnedLetter
list	TargetOwnedList
mailmergetemplate	TargetOwnedMailMergeTemplate
opportunity	TargetOwnedOpportunity
opportunityclose	TargetOwnedOpportunityClose
orderclose	TargetOwnedOrderClose
phonecall	TargetOwnedPhoneCall
quote	TargetOwnedQuote
quoteclose	TargetOwnedQuoteClose
report	TargetOwnedReport
salesorder	TargetOwnedSalesOrder
serviceappointment	TargetOwnedServiceAppointment
task	TargetOwnedTask
template	TargetOwnedTemplate
User owned custom entity	TargetOwnedX where X is the name of the entity
userquery	TargetOwnedUserQuery
workflow	TargetOwnedWorkflow

Remarks

To use this message, pass an instance of the ModifyAccessRequest class as the request parameter in the Execute method.

This action applies to all child instances of the target entity instance. For all child instances, if the caller does not have share privileges for those entity types, or share rights to the instances, the child instances are not shared. As a result, the owner of the entity instance, or a user who shares the instance with share rights, automatically has share rights to all child instances of the target entity instance. In this case, only the lack of privileges to a particular entity type prevents the child instances from being shared.

For a description of how actions on a parent instance affect child instances, see Cascading Rules.

To perform this action, the caller must have access rights on the entity instance specified in the request class. For a list of required privileges, see ModifyAccess Privileges.

Example

The following code example shows how to use the ModifyAccess message.

[C#]
// Set up the CRM service.
CrmAuthenticationToken token = new CrmAuthenticationToken();
// You can use enums.cs from the SDK\Helpers folder to get the enumeration for Active Directory authentication.
token.AuthenticationType = 0; 
token.OrganizationName = "AdventureWorksCycle";
 
CrmService service = new CrmService();
service.Url = "http://<servername>:<port>/mscrmservices/2007/crmservice.asmx";
service.CrmAuthenticationTokenValue = token;
service.Credentials = System.Net.CredentialCache.DefaultCredentials;

// Create the Security Principal Object
SecurityPrincipal principal = new SecurityPrincipal();
principal.Type = SecurityPrincipalType.User;

// PrincipalId is the Guid of the user whose access is being modified
principal.PrincipalId = new Guid("7B222F98-F48A-4AED-9D09-77A19CB6EE82");

// Create the PrincipalAccess
PrincipalAccess principalAccess = new PrincipalAccess();

// Set the PrincipalAccess Object's Properties
principalAccess.Principal = principal;

// gives the principal access to read
principalAccess.AccessMask = AccessRights.ReadAccess;

// Create the Target Object for the Request
TargetOwnedAccount target = new TargetOwnedAccount();

// EntityId is the Guid of the account whose access is being modified
target.EntityId = new Guid("2B951FBC-1C56-4430-B23B-20A1349068F3");

// Create the Request Object
ModifyAccessRequest modify = new ModifyAccessRequest();

// Set the Request Object's Properties
modify.PrincipalAccess = principalAccess;
modify.Target = target;

// Execute the Request
ModifyAccessResponse modified = (ModifyAccessResponse)service.Execute(modify);

[Visual Basic .NET]
' Set up the CRM service.
Dim token As New CrmAuthenticationToken()
' You can use enums.cs from the SDK\Helpers folder to get the enumeration for Active Directory authentication.
token.AuthenticationType = 0
token.OrganizationName = "AdventureWorksCycle";
 
Dim service As New CrmService()
service.Url = "http://<servername>:<port>/mscrmservices/2007/crmservice.asmx";
service.CrmAuthenticationTokenValue = token;
service.Credentials = System.Net.CredentialCache.DefaultCredentials

' Create the Security Principal Object
Dim principal As New SecurityPrincipal()
principal.Type = SecurityPrincipalType.User

' PrincipalId is the Guid of the user whose access is being modified
principal.PrincipalId = New Guid("7B222F98-F48A-4AED-9D09-77A19CB6EE82");

' Create the PrincipalAccess
Dim principalAccess As New PrincipalAccess()

' Set the PrincipalAccess Object's Properties
principalAccess.Principal = principal

' gives the principal access to read
principalAccess.AccessMask = AccessRights.ReadAccess

' Create the Target Object for the Request
Dim target As New TargetOwnedAccount()

' EntityId is the Guid of the account whose access is being modified
target.EntityId = New Guid("2B951FBC-1C56-4430-B23B-20A1349068F3");

' Create the Request Object
Dim modify As New ModifyAccessRequest()

' Set the Request Object's Properties
modify.PrincipalAccess = principalAccess
modify.Target = target

' Execute the Request
Dim modified As ModifyAccessResponse = CType(service.Execute(modify), ModifyAccessResponse)

See Also

Concepts

Reference

CrmService Messages