Quantcast
Channel: Microsoft Dynamics AX Forum - Recent Threads
Viewing all articles
Browse latest Browse all 72043

delete_from, notexists join and security policy

$
0
0

Hi,

In the GenralJournalEntry table method deleteOrphans() is making the following statement

delete_from generalJournalEntry
where generalJournalEntry.Ledger == Ledger::current()
&& (_accountingDate == dateNull() || generalJournalEntry.AccountingDate == _accountingDate)
notexists join generalJournalAccountEntry
where generalJournalAccountEntry.GeneralJournalEntry == generalJournalEntry.RecId

If the security policy is setup with limit access to the generalJournalAccountEntry table – for instance limitation for ledger dimension - this statement could have catastrophic consequences.
A lot of records from generalJournalEntry would be deleted as the security policy would delimit the transactions found in generalJournalAccountEntry and thereby fulfill the notExists.

The method is called when calling the “opening transactions” in periodic ledger.

Although it is effective statement - the delete_from in context with notexists join should not be allowed (or at least never used) – no one can see through the consequences using this.

Or does anyone know a way to come around this problem?

Pretzy


Viewing all articles
Browse latest Browse all 72043

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>