Skip to content

Changelog

1.8.0.0 2024-01-29

  • Improved the Confidential G/L Accounts step on the Confidential Data Protection Setup Wizard page for setting up confidential G/L accounts per company.

    Confidential G/L Accounts per Company

    • A new text has been added to make the user aware that G/L accounts should be marked for each company.
    • A Current Company Display Name field has been added. Drilling down on this field opens the User Settings page so that the user can easily switch to a different company if needed.
    • A Chart of Accounts action has been added so that the user can easily open the Chart of Accounts page for marking G/L accounts as confidential.
    • A Switch Company action has been added which opens the User Settings page so that the user can easily switch to a different company if needed.

  • When an attempt is made to assign a permission set that exposes confidential data by granting direct read access, then Confidential Data Protection restricts the permission set assignments by replacing it with a permission set to which security-filters are applied for the relevant tables containing confidential data. However, this could cause issues in very special scenarios when codeunits would only require indirect read access to a confidential table. Therefore now the extension will also automatically grant full indirect read access next to the restricted/security-filtered direct read access by assigning a permission set for each relevant confidential table.

    Indirect Read Permission Set Assignments

  • When a permission set that exposes confidential data is assigned to a user that has SUPER or SUPER (DATA) access (for the same company(!)), then this assignment is no longer restricted as the user will not get more access to confidential data (as the user already has full data access for the entire company or environment).

  • Add missing tooltip for Extension-provided field
  • Applied bold styling to Exposes Confidential Data field values on the User Subform page for records with value Yes.
  • Fix clearing confidential marker

1.6.0.0 2024-01-11

  • A new Automatically Resolve Violations Periodically step has been added to the Confidential Data Protection Setup Wizard page.

    Automatically Resolve Violations Periodically step in Setup Wizard

    In this step the user is informed about the possibility to set up a job queue entry to periodically resolve confidentiality-violating permission set assignments. The action Set Up Job Queue Entry will set up a job queue entry which can be edited to the user's preference. The default is set to resolve violations in the background every 180 minutes.

    If the user tries to continue the wizard without setting up a job queue entry by clicking on the Next button, a dialog is shown to let the user choose to set up the job queue entry (recommended) or continue without setting up a job queue entry.

  • The Confidential Data Protection extension now keeps a log of confidentiality-violating permission set assignments that were resolved. You can view the log entries by using the Resolved Violation Log action on the Confidential Data Protection Setup (Wizard) page.

Resolved Violation Log

  • New actions have been added to the Confidential Data Protection Setup card page

    New actions related to resolving violations on the Setup page

    • Set Up Job Queue Entry - Set up the job queue entry that periodically checks for confidentiality-violating permission set assignments.

    • Resolved Violation Log - View the log of the confidentiality-violating permission assignments resolved by the Confidential Data Protection extension.

1.4.0.0 2023-12-01

  • Handle warning about obsoleted/to-be-removed permission set WSB_MON (User permission set for the Monet library app).
  • Ensure that procedure wgFncGetConfidentialTableObjectIDs does not tamper with the state/flag of an in-progress creation of the Confidential Data Exclusion permission set.

1.2.0.0 2023-11-10

  • Added Exposes Confidential Data page field to the User Subform page that shows the permission sets of a user on the User card page. This field shows whether the permission set that the user has access to exposes confidential table data to the user.
  • Directly resolve confidentiality violations introduced after applying updates to license configurations of users to the Update Users from Microsoft 365 action instead of preventing them with an error.
  • Update error message that is displayed to a user when the system attempts to assign permission sets that expose confidential data to the user on first login due to confidentiality-violating license configurations.
  • Account for G/L entry no. increment during sales doc. post. In the situation that the latest G/L entry at the time relates to a confidential G/L account, then the security filters prevented determining the next entry no. when users that do not have access to the confidential G/L account data would post sales documents which generate G/L entries.

1.0.0.0 2023-10-02

Initial version

Last update: January 29, 2024