Hiding the Advanced Find Ribbon Button

Recently, a client had a requirement to hide the Advanced Find ribbon button if a user was in a given role. Out of the box Advanced Find is available to all users to find records to which they have read access. So my first response to this request was to suggest a security model whereby users did not have access to records that the business did not want them to be able to find. However, for a number of reasons the users still needed access to these records, the client just wanted to make it less likely that they would be able to find them if they went looking (people, like me, may have an inquisitive nature and see what they can find just out of interest).

My first thought was that I would need some custom javascript to accomplish this but after a brief investigation realised that this could be done with some simple ribbon customisation and a custom entity.

When setting the visibility of a ribbon button there are a number of display rules available, the closest of these that matched my need was the EntityPrivilegeRule that would either display the button to users with the specified privilege or not if the result was reversed. This wasn’t quite what I was after because I needed to restrict Advanced Find based on security role membership (i.e. if a user is in a specific role then they wouldn’t see the Advanced Find button). To get round this I decided I would create a custom entity that I could use with the EntityPrivilegeRule just for this purpose. The entity wouldn’t have any fields (other than the default) and wouldn’t appear in the navigation, it would simply be used so that roles with a certain privilege for this entity could have the Advanced Find button hidden. I called this entity Restrict Advanced Find to try and make its purpose clear. I then added my display rule as below:

<DisplayRule Id="Telio.DisplayAdvancedFind">
<EntityPrivilegeRule PrivilegeType="Create" PrivilegeDepth="Global"
EntityName="telio_restrictadvancedfind" InvertResult="true"/>
</DisplayRule>

The result is inverted so that any role that has the Create privilege for the entity will not see the Advanced Find button.

When I came to test this I realised that there was an issue. This is fine for most roles as they wouldn’t have this privilege unless explicitly granted, however the System Administrator role has create privilege for all entities and so this had the effect of hiding the button for users in that role also which is obviously undesirable. To resolve this I simply changed the above rule to be an OrRule that contained the above and another rule that specified that the button should be shown if the user had create privileges on the User entity (I could have picked a different entity but figured that if a user had this privilege then they would probably be a admin user of some kind). So the final rule looked like this:

<DisplayRule Id="Telio.DisplayAdvancedFind">
<OrRule>
<Or>
<EntityPrivilegeRule PrivilegeType="Create" PrivilegeDepth="Global"
EntityName="telio_restrictadvancedfind" InvertResult="true" />
</Or>
<Or>
<EntityPrivilegeRule PrivilegeType="Create" PrivilegeDepth="Global"
EntityName="systemuser" />
</Or>
</OrRule>
</DisplayRule>

All that was then left to do was to apply this new display rule to the Advanced Find ribbon button – overriding the out of the box behaviour.

You can download the complete Customisations XML here.

 

Comments are closed.