Dynamics Ninja Logo

Blog.

Power Roles - Your security copilot

Cover Image for Power Roles - Your security copilot
·
6 min read

Introduction

I recently attended a local user group session that primarily focuses on Dynamics 365 Finance and Operations (FO) and Business Central. During the session, the presenter discussed the latest updates in Business Central. One feature that caught my attention was the new Copilot functionality. The presenter mentioned that the UI of this feature reminded him of the Permission Set Recorder, a tool that has been around for a while. The Permission Set Recorder allows users to record their current session and automatically generate the necessary privileges to access data within the system. I was amazed by this capability, though others seemed less impressed since they use it regularly in their Business Central applications.

This was the moment when I thought, maybe I can try to make it for Dynamics 365 Customer Engagement (CE), and the little cogs in my mind started to work on the concept for the solution.

Concept

The idea was to sniff the HTTP traffic in the browser to capture all the actions performed by the user and, based on these recorded actions, generate the necessary permission set to perform those actions.

I started looking for the best tool to accomplish this and thought about developing a Chrome extension. I was already familiar with Chrome extension development, having previously worked on the Level Up for Dynamics 365 extension, specifically on the Impersonate feature, which also involved sniffing HTTP traffic and modifying headers.

This time, it required a slight upgrade to my previous solution, as I needed to extract specific data from the HTTP requests originating from the Dynamics Web API endpoint. For each request, I focused on extracting two key pieces of information: the URL, to identify the table name, and the HTTP method, to determine the action that needs to be executed.

Chrome Extension

After a few days of development, the first version of the extension is finally finished, incorporating all the basic features I envisioned during the session from the introduction.

The extension is intuitive and easy to use. To get started, simply go to the Edge extension store and download the extension directly to your browser. Once installed, you can start using it right away.

Getting Started

  1. Open Your Application: Open your Dynamics 365 or Power Apps model-driven application in one of your browser tabs.

  2. Launch the Extension: Click on the extension icon in your browser toolbar to open it.

  3. Start Recording: The extension popup window presents a simple UI with almost only one button to click: the Start button. Pressing the Start button initiates the recording session. Now, you can start interacting with your app as the user needing a security role would, clicking around the system.

  4. Monitor Permissions: As you navigate through the app, you will see permissions populate in the table within the extension UI. The more you click around, the more permissions will be added to the table.

  5. Stop Recording: When you are satisfied with the recorded session, stop the recording by pressing the Stop button.

  6. Review and Adjust Permissions: Review all the privileges in your table. You can adjust permission levels if the organization-level setting (default) is too broad for your user.

  7. Save the Permission Set: Once finalized, you can easily save this permission set as a new security role or update an existing one with the new privileges.

Features

The Chrome extension for Dynamics 365 and Power Apps offers a robust set of features designed to simplify the process of creating and managing permission sets. Here are the key features:

Intuitive User Interface

The extension boasts a user-friendly interface, making it accessible even for users with minimal technical knowledge. With a straightforward Start/Stop button, initiating and ending recording sessions is hassle-free.

Seamless Integration

Available on the Edge extension store, the extension integrates seamlessly with your browser, allowing for quick setup and use. It supports Dynamics 365 and Power Apps model-driven applications, ensuring broad usability across Microsoft’s ecosystem.

Real-Time Recording

The extension records user interactions in real-time, capturing all necessary actions to generate an accurate permission set. Permissions are displayed live within the extension UI as you navigate through the application.

Detailed Permissions Overview

It automatically extracts URLs to identify table names relevant to user actions and analyzes HTTP methods to determine the required actions for each permission.

Customizable Permission Levels

The extension allows users to review and adjust permission levels, ensuring the appropriate scope of access. Default permissions are set at the organization level but can be modified to fit specific needs.

Efficient Permission Set Management

You can easily save the recorded permission set as a new security role or update an existing one. This flexibility enhances the efficiency of managing permissions without starting from scratch.

User-Friendly Setup

Download and install the extension directly from the Edge extension store with minimal configuration required. You can start using the extension immediately after installation.

With these features, the Chrome extension streamlines the process of managing user permissions in Dynamics 365 and Power Apps, enhancing productivity and security.

Download

Ready to streamline your permission set management with our Chrome extension? Follow these steps to download and install it:

  1. Visit the Extension Page: Click here to go directly to the extension page on the Edge Add-ons store.
  2. Add to Edge: On the extension page, click the "Get" button to download and install the extension directly to your browser.
  3. Activate the Extension: Once installed, click on the extension icon in your browser toolbar to start using it.

With just a few clicks, you’ll have the extension up and running, ready to enhance your Dynamics 365 and Power Apps experience.

Feedback

As the sole developer of this extension, I’m committed to making it as useful and reliable as possible. Your feedback is incredibly important to me, and I welcome any suggestions or reports of issues.

How to Provide Feedback

  1. Submit Issues: If you encounter any bugs, have suggestions for new features, or need help with anything, please use the GitHub Issues page. You can access it here.

  2. Describe the Issue: When submitting an issue, provide detailed information including steps to reproduce the problem, any error messages, and screenshots if possible. This will help me address your concerns more effectively.

  3. Feature Requests: If you have ideas for new features or improvements, please create a new issue and describe your request in detail. I am always looking for ways to enhance the extension and your input is invaluable.

Thank you for your support and contributions. Your feedback helps ensure that the extension continues to meet your needs and improve over time!

Future

The initial release of the tool has been a great start, but there’s plenty more on the horizon. First off, right now, the tool doesn’t catch all the behind-the-scenes action—like those sneaky plugins, mysterious workflows, or custom APIs doing their thing. I’m on a mission to bring these hidden heroes into the spotlight, but this is a bit like trying to catch a ninja in action. So, please bear with me as I work on this complex upgrade!

I’m also planning to give the tool a major boost by expanding its ability to handle a wider range of actions and scenarios within Power Roles. Think of it as turning your trusty Swiss Army knife into a full-blown multi-tool.

Your feedback is like a GPS guiding me on this development journey, so don’t be shy—let me know what you think! Thanks for sticking with me, and stay tuned for more updates as I continue to enhance the tool.

Donations

If you find the Power Roles extension useful and would like to support its continued development, I would greatly appreciate your contribution. As a solo developer, your support helps me dedicate more time and resources to improving the tool and bringing you new features.

You can make a donation via BuyMeACoffee. Your generosity not only fuels the development of the extension but also motivates me to keep enhancing it for the benefit of all users.

Thank you for your support—it truly makes a difference!