Sharing A Record with Different Business Unit Teams

Hello Everyone,

I was working on a requirement where i need to share records in different business unit teams. So i am sharing my knowledge how i achieve it using owner team.

First thing i am creating a security role in root business unit and give the right permission and access to entity “Account1”.

Create teams in those child BU where you want to share the records. I have created a Child BU as Bangalore. Create a teams in Child BU.

Assign the security role to Teams which you have created.(You will see Root BU security roles in every business unit because child BU Security roles inherit the parent roles.)

I have an entity name as “Account1” in which having a lookup of business unit. On record creation the record will be share to the respected team e.g. “Account1 Team”. To achieve this functionality i am going to right a custom workflow and calling it under OOB workflow.

Here is my custom code activity.

using System;
using System.Activities;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Microsoft.Crm.Sdk.Messages;
using Microsoft.Xrm.Sdk;
using Microsoft.Xrm.Sdk.Query;
using Microsoft.Xrm.Sdk.Workflow;

namespace shareAccount1
    public class shareAccount1: CodeActivity
        [Input("Send To")]
        public InArgument<EntityReference> sendTo { get; set; }

        protected override void Execute(CodeActivityContext context)
            ITracingService tracingService = (ITracingService)context.GetExtension<ITracingService>();
            IWorkflowContext workflowContext = (IWorkflowContext)context.GetExtension<IWorkflowContext>();
            IOrganizationServiceFactory serviceFactory = (IOrganizationServiceFactory)context.GetExtension<IOrganizationServiceFactory>();
            IOrganizationService service = serviceFactory.CreateOrganizationService(workflowContext.UserId);
            var buname = this.sendTo.Get<EntityReference>(context);
            EntityReference UserRef = null;
            Entity targetEntity = (Entity)workflowContext.InputParameters["Target"];
            Guid CTIId = targetEntity.Id;
            string entityLogicalName = targetEntity.LogicalName;
            Guid businessunitlookupid = buname.Id;
            //Guid businessunitlookupid = ((EntityReference)targetEntity.Attributes["new_sendto"]).Id;

            QueryExpression queryExpression = new QueryExpression("team");
            queryExpression.ColumnSet.AddColumns("name", "teamid", "businessunitid");
            queryExpression.Criteria = new FilterExpression();
            queryExpression.Criteria.AddCondition("name", ConditionOperator.Equal, "Account1 Team");
            queryExpression.Criteria.AddCondition("businessunitid", ConditionOperator.Equal, businessunitlookupid);

            EntityCollection entityCollection = service.RetrieveMultiple(queryExpression);
            if (entityCollection.Entities.Count > 0)
                foreach (Entity teamEntity in entityCollection.Entities)

                    UserRef = new EntityReference(teamEntity.LogicalName, teamEntity.Id);
            var recordRef = new EntityReference(targetEntity.LogicalName, targetEntity.Id);

            // Principal – for whom we are sharing  the record.

            // Target – Which record we are sharing.

            //Sharing a RECORD
            GrantAccessRequest request = new GrantAccessRequest
                PrincipalAccess = new PrincipalAccess
                    AccessMask = AccessRights.ReadAccess|AccessRights.WriteAccess ,
                    Principal = UserRef
                Target = recordRef

            // throw new NotImplementedException();


Register your code activity using plugin registration tool. create a OOB workflow and select your workflow from the steps.

Set the property as below. As i earlier mentioned i have a lookup field on my form which is Send To, which i am setting in the input parameter of workflow.

Once it is done activate your workflow and test.I created a record new record “TestShare1” where owner of the record is Venkateshwararoa. Once it is created it will share the record to team member of different BU.

After creation , record is shared with Surya Singh as member of the Account1 Team.

That’s it. Shot comment on the blog if you facing any challenges.

Hide and Show Ribbon Button Based on User Security Role in Dynamics 365 v9.x

Hello Everyone, Today i would like to share my knowledge regarding show and hide ribbon button based on the user Security roles.

I have a custom entity name as “account1”. I have to create two button (Submit, Complete) using ribbon workbench.We have two type of user one is Salesperson, second one Sales Manager. So in this blog i am going to cover some of the points as given below.

1.If user security role is Salesperson, show “Submit” button and hide the “Complete” button.

2.If user security role is Sales Manager, show “Complete” button and hide the “Submit” button.

3.After creation of the record user will able to see the buttons(Submit or Complete).

Lets start.

I created a solution named as AccounRibbon and added my entity account1. Import the latest ribbon workbench into your organisation if already not done. Once it is imported successfully, open the the ribbon workbench and select your solution, i am selecting the  Account Ribbon.


Once your solution loaded successfully,select the entity and add the buttons in to main form by drag and drop. Give the proper names to buttons.


once button added we need to add the command and the enable rules for both the buttons.


Lets first talk about the Enable Rules.In Simple words, Enable rule are used as trigger when our buttons will enable for form.So first we need to check both the button will available only when the form type is update, for that we are going to use form state rule.

Click on the Submit Enable rule as shown in above screenshot, on the right panel , click on add step and choose FormStateRule.


Use existing because we want show this button after the record is created. Set invert rule as true, it means if the form is not “Existing” type then button will hide automatically. Same step follow for the Completed Enable rule. once both is done , now we have to write a CustomRule that will check the user security role and based on the user security role we will return true or false from the function.

NOTE:Please don’t focus on the other two ValueRule  i am doing some other calculation as well that is not part of the this blog.

create a web resource and add this JS in your web resource.

function getCurrentUserSecurityRolesIfsalesperson()
    var value=false;
    var userRoles=Xrm.Utility.getGlobalContext().userSettings;
        for ( var rolidcollection in userRoles.roles._collection)
           var currentUserRoles= Xrm.Utility.getGlobalContext().userSettings.roles._collection[rolidcollection].name;    
    return value; 

After adding this JS publish the web resource and go back to the ribbon workbench.

Add new Step in Enable rule and select custom rule. Specify the property as shown in image.

This is completed for one button submit repeat the same process for complete button do necessary changes.e.g match with sales manager role like i am matching with salesperson.

Now you have both the enable rule done. Add both the enable rule to respected command as shown in below image.

Once it is added. you can specify the action-> what you want to perform after click on button. as given in the snap. Perform the same steps for the Complete command as well. Now go to the button tab select the button and add the command respected to your button.

Once the command added , perform same operation for the Submit button.then click on publish.

Once you follow all the steps you will easily achieve what i shared in blog.

Thanks for seeing. Hope you like it. If you have any query please use comment box.

Get Logged In User Security Roles in Dynamics 365 v9.1

Hello , Hope Everyone doing very well. i want to share something which a created for you guys. i was working on a requirement where i need to get logged in user security role.Most of you will already know but i discover a new method,a very short code without using any web API . This will help you to save your time to writ a big code.

function getCurrentUserSecurityRoles(executionContext)
	//Returns information about the current user settings.
    var userRoles=Xrm.Utility.getGlobalContext().userSettings;	
	//it will give you count of security a user is having
		//userRoles.roles._collection will give you the index of the Current user security role , it contains roleid , and name of the security role
        for ( var rolidcollection in userRoles.roles._collection)		
			//Once you get the index of the security role from where you can retrive id, name of the Security Role
           var currentUserRoles= Xrm.Utility.getGlobalContext().userSettings.roles._collection[rolidcollection].name;    

If you have any question feel free to ask :).