Sample: Associate a Security Role to a User

[Applies to: Microsoft Dynamics CRM 2011]

This sample code is for Microsoft Dynamics CRM 2011, and can be found in the following location in the SDK download:

SampleCode\CS\BusinessDataModel\UsersAndRoles\AddRoleToUser.cs

SampleCode\VB\BusinessDataModel\UsersAndRoles\AddRoleToUser.vb

Requirements

For more information about the requirements for running the sample code provided in this SDK, see Use the Sample and Helper Code.

Demonstrates

This sample shows how to associate a role with a user using the IOrganizationService.Associate method. A snippet showing just the key portions of the sample is shown first, followed by the Complete Sample Code. Note that this sample can only be run in an on-premises environment because it creates a user. However, the section of the sample that demonstrates associating a role with a user will work for all environments.

Example


// Connect to the Organization service. 
// The using statement assures that the service proxy is properly disposed.
using (_serviceProxy = ServerConnection.GetOrganizationProxy(serverConfig))
{
    _serviceProxy.EnableProxyTypes();

    CreateRequiredRecords();

    // Find the role.
    QueryExpression query = new QueryExpression
    {
        EntityName = Role.EntityLogicalName,
        ColumnSet = new ColumnSet("roleid"),
        Criteria = new FilterExpression
        {
            Conditions =
                {
 
                    new ConditionExpression
                    {
                        AttributeName = "name",
                        Operator = ConditionOperator.Equal,
                        Values = {_givenRole}
                    }
                }
        }
    };
    
    // Get the role.
    EntityCollection roles = _serviceProxy.RetrieveMultiple(query);
    if (roles.Entities.Count > 0)
    {
        Role salesRole = _serviceProxy.RetrieveMultiple(query).Entities[0].ToEntity<Role>();

        Console.WriteLine("Role {0} is retrieved for the role assignment.", _givenRole);

        _roleId = salesRole.Id;

        // Associate the user with the role.
        if (_roleId != Guid.Empty && _userId != Guid.Empty)
        {
            _serviceProxy.Associate(
                        "systemuser",
                        _userId,
                        new Relationship("systemuserroles_association"),
                        new EntityReferenceCollection() { new EntityReference(Role.EntityLogicalName, _roleId) });

            Console.WriteLine("Role is associated with the user.");
        }
    }

    DeleteRequiredRecords(promptforDelete);
}

Complete Sample Code


using System;
using System.ServiceModel;
using System.ServiceModel.Description;

// These namespaces are found in the Microsoft.Xrm.Sdk.dll assembly
// located in the SDK\bin folder of the SDK download.
using Microsoft.Xrm.Sdk;
using Microsoft.Xrm.Sdk.Query;
using Microsoft.Xrm.Sdk.Client;
using Microsoft.Crm.Sdk.Messages;

namespace Microsoft.Crm.Sdk.Samples
{
    /// <summary>
    /// Demonstrates how to do basic role association with the system user.
    /// </summary>
    /// <remarks>
    /// At run-time, you will be given the option to revert the role 
    /// association created by this program.</remarks>
    public class AddRoleToUser
    {
        #region Class Level Members

        // Define the IDs needed for this sample.
        private Guid _userId;
        private Guid _roleId;
        private String _givenRole = "salesperson";
        private OrganizationServiceProxy _serviceProxy;

        #endregion Class Level Members

        #region How To Sample Code
        /// <summary>
        /// This method first connects to the Organization service. Afterwards,
        /// creates/retrieves a system user,
        /// updates the system user to associate with the salesperson role. 
        /// Note: Creating a user is only supported
        /// in an on-premises/active directory environment.
        /// </summary>
        /// <param name="serverConfig">Contains server connection information.</param>
        /// <param name="promptforDelete">When True, the user is prompted to delete all
        /// created entities.</param>
        public void Run(ServerConnection.Configuration serverConfig, bool promptforDelete)
        {
            try
            {
                // Connect to the Organization service. 
                // The using statement assures that the service proxy is properly disposed.
                using (_serviceProxy = ServerConnection.GetOrganizationProxy(serverConfig))
                {
                    _serviceProxy.EnableProxyTypes();

                    CreateRequiredRecords();

                    // Find the role.
                    QueryExpression query = new QueryExpression
                    {
                        EntityName = Role.EntityLogicalName,
                        ColumnSet = new ColumnSet("roleid"),
                        Criteria = new FilterExpression
                        {
                            Conditions =
                                {
    
                                    new ConditionExpression
                                    {
                                        AttributeName = "name",
                                        Operator = ConditionOperator.Equal,
                                        Values = {_givenRole}
                                    }
                                }
                        }
                    };
                    
                    // Get the role.
                    EntityCollection roles = _serviceProxy.RetrieveMultiple(query);
                    if (roles.Entities.Count > 0)
                    {
                        Role salesRole = _serviceProxy.RetrieveMultiple(query).Entities[0].ToEntity<Role>();

                        Console.WriteLine("Role {0} is retrieved for the role assignment.", _givenRole);

                        _roleId = salesRole.Id;

                        // Associate the user with the role.
                        if (_roleId != Guid.Empty && _userId != Guid.Empty)
                        {
                            _serviceProxy.Associate(
                                        "systemuser",
                                        _userId,
                                        new Relationship("systemuserroles_association"),
                                        new EntityReferenceCollection() { new EntityReference(Role.EntityLogicalName, _roleId) });

                            Console.WriteLine("Role is associated with the user.");
                        }
                    }

                    DeleteRequiredRecords(promptforDelete);
                }
            }
            // Catch any service fault exceptions that Microsoft Dynamics CRM throws.
            catch (FaultException<Microsoft.Xrm.Sdk.OrganizationServiceFault>)
            {
                // You can handle an exception here or pass it back to the calling method.
                throw;
            }
        }

        /// <summary>
        /// Creates any entity records that this sample requires.
        /// </summary>
        public void CreateRequiredRecords()
        {
            // For this sample, all required entities are created in the Run() method.
            // Create/retrieve a user for role assignment.
            _userId = SystemUserProvider.RetrieveAUserWithoutAnyRoleAssigned(_serviceProxy);

            if (_userId != Guid.Empty)
                Console.WriteLine("{0} user retrieved.", _userId);
        }

        /// <summary>
        /// Deletes/reverts any entity records that were created for this sample.
        /// <param name="prompt">Indicates whether to prompt the user 
        /// to delete/revert the records created in this sample.</param>
        /// </summary>
        public void DeleteRequiredRecords(bool prompt)
        {
            bool deleteRecords = true;

            if (prompt)
            {
                Console.Write("\nDo you want these entity records deleted/reverted? (y/n) [y]: ");
                String answer = Console.ReadLine();

                deleteRecords = (answer.StartsWith("y") || answer.StartsWith("Y") || answer == String.Empty);
            }

            if (deleteRecords)
            {
                _serviceProxy.Disassociate("systemuser", 
                    _userId, 
                    new Relationship("systemuserroles_association"), 
                    new EntityReferenceCollection() { new EntityReference("role", _roleId) });
                Console.WriteLine("Entity records have been deleted/reverted.");
            }
        }
      
        #endregion How To Sample Code

        #region Main method

        /// <summary>
        /// Standard Main() method used by most SDK samples.
        /// </summary>
        /// <param name="args"></param>
        static public void Main(string[] args)
        {
            try
            {
                // Obtain the target organization's Web address and client logon 
                // credentials from the user.
                ServerConnection serverConnect = new ServerConnection();
                ServerConnection.Configuration config = serverConnect.GetServerConfiguration();

                AddRoleToUser app = new AddRoleToUser();
                app.Run( config, true );
            }
            catch (FaultException<Microsoft.Xrm.Sdk.OrganizationServiceFault> ex)
            {
                Console.WriteLine("The application terminated with an error.");
                Console.WriteLine("Timestamp: {0}", ex.Detail.Timestamp);
                Console.WriteLine("Code: {0}", ex.Detail.ErrorCode);
                Console.WriteLine("Message: {0}", ex.Detail.Message);
                Console.WriteLine("Trace: {0}", ex.Detail.TraceText);
                Console.WriteLine("Inner Fault: {0}",
                    null == ex.Detail.InnerFault ? "No Inner Fault" : "Has Inner Fault");
            }
            catch (System.TimeoutException ex)
            {
                Console.WriteLine("The application terminated with an error.");
                Console.WriteLine("Message: {0}", ex.Message);
                Console.WriteLine("Stack Trace: {0}", ex.StackTrace);
                Console.WriteLine("Inner Fault: {0}",
                    null == ex.InnerException.Message ? "No Inner Fault" : ex.InnerException.Message);
            }
            catch (System.Exception ex)
            {
                Console.WriteLine("The application terminated with an error.");
                Console.WriteLine(ex.Message);

                // Display the details of the inner exception.
                if (ex.InnerException != null)
                {
                    Console.WriteLine(ex.InnerException.Message);

                    FaultException<Microsoft.Xrm.Sdk.OrganizationServiceFault> fe = ex.InnerException
                        as FaultException<Microsoft.Xrm.Sdk.OrganizationServiceFault>;
                    if (fe != null)
                    {
                        Console.WriteLine("Timestamp: {0}", fe.Detail.Timestamp);
                        Console.WriteLine("Code: {0}", fe.Detail.ErrorCode);
                        Console.WriteLine("Message: {0}", fe.Detail.Message);
                        Console.WriteLine("Trace: {0}", fe.Detail.TraceText);
                        Console.WriteLine("Inner Fault: {0}",
                            null == fe.Detail.InnerFault ? "No Inner Fault" : "Has Inner Fault");
                    }
                }
            }
            // Additional exceptions to catch: SecurityTokenValidationException, ExpiredSecurityTokenException,
            // SecurityAccessDeniedException, MessageSecurityException, and SecurityNegotiationException.
            finally
            {
                Console.WriteLine("Press <Enter> to exit.");
                Console.ReadLine();
            }
        }
        #endregion Main method
    }
}


Imports System.ServiceModel
Imports System.ServiceModel.Description

' These namespaces are found in the Microsoft.Xrm.Sdk.dll assembly
' located in the SDK\bin folder of the SDK download.
Imports Microsoft.Xrm.Sdk
Imports Microsoft.Xrm.Sdk.Query
Imports Microsoft.Xrm.Sdk.Client
Imports Microsoft.Crm.Sdk.Messages

Namespace Microsoft.Crm.Sdk.Samples
	''' <summary>
	''' Demonstrates how to do basic role association with the system user.
	''' </summary>
	''' <remarks>
	''' At run-time, you will be given the option to revert the role 
	''' association created by this program.</remarks>
	Public Class AddRoleToUser
		#Region "Class Level Members"

		' Define the IDs needed for this sample.
		Private _userId As Guid
		Private _roleId As Guid
		Private _givenRole As String = "salesperson"
		Private _serviceProxy As OrganizationServiceProxy

		#End Region ' Class Level Members

		#Region "How To Sample Code"
		''' <summary>
		''' This method first connects to the Organization service. Afterwards,
        ''' creates/retrieves a system user,
        ''' updates the system user to associate with the salesperson role. 
		''' Note: Creating a user is only supported
        ''' in an on-premises/active directory environment.
		''' </summary>
		''' <param name="serverConfig">Contains server connection information.</param>
        ''' <param name="promptforDelete">When True, the user is prompted to delete all
		''' created entities.</param>
        Public Sub Run(ByVal serverConfig As ServerConnection.Configuration,
                       ByVal promptforDelete As Boolean)
            Try
                ' Connect to the Organization service. 
                ' The using statement assures that the service proxy is properly disposed.
                _serviceProxy = ServerConnection.GetOrganizationProxy(serverConfig)
                Using _serviceProxy
                    _serviceProxy.EnableProxyTypes()

                    CreateRequiredRecords()

                    ' Find the role.
                    Dim query As QueryExpression = New QueryExpression With
                                                   {
                                                       .EntityName = Role.EntityLogicalName,
                                                       .ColumnSet = New ColumnSet("roleid")
                                                   }
                    query.Criteria = New FilterExpression()
                    query.Criteria.AddCondition(
                        New ConditionExpression("name", ConditionOperator.Equal, {_givenRole}))

                    ' Get the role.
                    Dim roles As EntityCollection = _serviceProxy.RetrieveMultiple(query)
                    If roles.Entities.Count > 0 Then
                        Dim salesRole As Role = _serviceProxy.RetrieveMultiple(query).Entities(0).ToEntity(Of Role)()

                        Console.WriteLine("Role {0} is retrieved for the role assignment.", _givenRole)

                        _roleId = salesRole.Id

                        ' Associate the user with the role.
                        If _roleId <> Guid.Empty AndAlso _userId <> Guid.Empty Then
                            _serviceProxy.Associate("systemuser", _userId,
                                                    New Relationship("systemuserroles_association"),
                                                    New EntityReferenceCollection() From {New EntityReference(Role.EntityLogicalName, _roleId)})

                            Console.WriteLine("Role is associated with the user.")
                        End If
                    End If

                    DeleteRequiredRecords(promptforDelete)
                End Using
                ' Catch any service fault exceptions that Microsoft Dynamics CRM throws.
            Catch fe As FaultException(Of Microsoft.Xrm.Sdk.OrganizationServiceFault)
                ' You can handle an exception here or pass it back to the calling method.
                Throw
            End Try
        End Sub

		''' <summary>
		''' Creates any entity records that this sample requires.
		''' </summary>
		Public Sub CreateRequiredRecords()
			' For this sample, all required entities are created in the Run() method.
            ' Create/retrieve a user for role assignment.
			_userId = SystemUserProvider.RetrieveAUserWithoutAnyRoleAssigned(_serviceProxy)

			If _userId <> Guid.Empty Then
				Console.WriteLine("{0} user retrieved.", _userId)
			End If
		End Sub

		''' <summary>
        ''' Deletes/reverts any entity records that were created for this sample.
		''' <param name="prompt">Indicates whether to prompt the user 
		''' to delete/revert the records created in this sample.</param>
		''' </summary>
		Public Sub DeleteRequiredRecords(ByVal prompt As Boolean)
			Dim deleteRecords As Boolean = True

			If prompt Then
				Console.Write(vbLf & "Do you want these entity records deleted/reverted? (y/n) [y]: ")
				Dim answer As String = Console.ReadLine()

                deleteRecords = (answer.StartsWith("y") OrElse
                                 answer.StartsWith("Y") OrElse
                                 answer = String.Empty)
			End If

			If deleteRecords Then
                _serviceProxy.Disassociate("systemuser", _userId,
                                           New Relationship("systemuserroles_association"),
                                           New EntityReferenceCollection() From {New EntityReference("role", _roleId)})
				Console.WriteLine("Entity records have been deleted/reverted.")
			End If
		End Sub

		#End Region ' How To Sample Code

		#Region "Main method"

		''' <summary>
		''' Standard Main() method used by most SDK samples.
		''' </summary>
		''' <param name="args"></param>
		Public Shared Sub Main(ByVal args() As String)
			Try
                ' Obtain the target organization's web address and client logon 
				' credentials from the user.
				Dim serverConnect As New ServerConnection()
				Dim config As ServerConnection.Configuration = serverConnect.GetServerConfiguration()

				Dim app As New AddRoleToUser()
				app.Run(config, True)
			Catch ex As FaultException(Of Microsoft.Xrm.Sdk.OrganizationServiceFault)
				Console.WriteLine("The application terminated with an error.")
				Console.WriteLine("Timestamp: {0}", ex.Detail.Timestamp)
				Console.WriteLine("Code: {0}", ex.Detail.ErrorCode)
				Console.WriteLine("Message: {0}", ex.Detail.Message)
				Console.WriteLine("Trace: {0}", ex.Detail.TraceText)
                Console.WriteLine("Inner Fault: {0}",
                                  If(Nothing Is ex.Detail.InnerFault, "No Inner Fault", "Has Inner Fault"))
			Catch ex As TimeoutException
				Console.WriteLine("The application terminated with an error.")
				Console.WriteLine("Message: {0}", ex.Message)
				Console.WriteLine("Stack Trace: {0}", ex.StackTrace)
                Console.WriteLine("Inner Fault: {0}",
                                  If(Nothing Is ex.InnerException.Message, "No Inner Fault", ex.InnerException.Message))
			Catch ex As Exception
				Console.WriteLine("The application terminated with an error.")
				Console.WriteLine(ex.Message)

				' Display the details of the inner exception.
				If ex.InnerException IsNot Nothing Then
					Console.WriteLine(ex.InnerException.Message)

                    Dim fe As FaultException(Of Microsoft.Xrm.Sdk.OrganizationServiceFault) =
                        TryCast(ex.InnerException, 
                            FaultException(Of Microsoft.Xrm.Sdk.OrganizationServiceFault))
					If fe IsNot Nothing Then
						Console.WriteLine("Timestamp: {0}", fe.Detail.Timestamp)
						Console.WriteLine("Code: {0}", fe.Detail.ErrorCode)
						Console.WriteLine("Message: {0}", fe.Detail.Message)
						Console.WriteLine("Trace: {0}", fe.Detail.TraceText)
                        Console.WriteLine("Inner Fault: {0}",
                                          If(Nothing Is fe.Detail.InnerFault, "No Inner Fault", "Has Inner Fault"))
					End If
				End If
			' Additional exceptions to catch: SecurityTokenValidationException, ExpiredSecurityTokenException,
			' SecurityAccessDeniedException, MessageSecurityException, and SecurityNegotiationException.
			Finally
				Console.WriteLine("Press <Enter> to exit.")
				Console.ReadLine()
			End Try
		End Sub
		#End Region ' Main method
	End Class
End Namespace

See Also

Microsoft Dynamics CRM 2011
Send comments about this topic to Microsoft.
© 2013 Microsoft Corporation. All rights reserved.

Community Additions

ADD
Show: