On a recent project, I have to restrict user access to a custom link to specific Security Roles. It is a shame that CRM 2011 doesn’t allow this, but it does make sense not to tie in security to user modifiable Security Role records.
So it ties in with entities name and security privileges (Read, Write, AppendTo, Append, Create, Delete, Share, Assign, All, AllowQuickCampaign, and UseInternetMarketing). Multiple privileges can be used as long as they are separated by comma and contains no spaces.
To use this,
<SubArea Id="nav_dosomething" Url="http://www.blah.com/DoSomething.aspx"> <Titles> <Title LCID="1033" Title="DoSomething" /> </Titles> <Privilege Entity="account" Privilege="Create,Write,Delete"></Privilege> </SubArea>
Cheers – Sy