Security Dependencies

CRM 1.0

Sometimes security dependencies exist because it is necessary to have more than one access right to perform a given action. For example, if you have the access right CRM_ACCESS_CREATE for accounts, you can create an account object. However, unless you also have CRM_ACCESS_READ access for accounts, you cannot create an account and be the owner of that new account. You can find the access rights enumeration in the ACCESSRIGHTS class.

The following table shows the access right dependencies for the actions specified.

Action Access rights required
To Create an object and be the object owner CRM_ACCESS_CREATE


To Share an object CRM_ACCESS_SHARE – required by the person doing the share operation.

CRM_ACCESS_READ – required by the person doing the share operation and also by the person with whom the object is being shared.

To Assign an object CRM_ACCESS_ASSIGN



To Append To an object CRM_ACCESS_READ


To Append an object CRM_ACCESS_READ


Another type of dependency exists when objects are subordinate to another object. The opportunity object cannot exist on its own. The opportunity object is always attached to an account. In this case, in order to create an opportunity, you must have the access right CRM_ACCESS_APPENDTO on accounts, as well as the access right CRM_ACCESS_APPEND on opportunities.

© 2005 Microsoft Corporation. All rights reserved.