I am in the process of implementing a row-level security model within Dataverse to mirror our company's management hierarchy.
I need some guidance on setting this up correctly. Below are my requirements with examples for each:
Direct Reports Editing Access: Managers should have the ability to read and edit rows related to their direct reports. For example, if Kate is a manager, she should be able to edit and view rows belonging to her direct reports, Ahmed and Samantha.
Visibility Up the Hierarchy: Upper management should be able to view and edit all data entries pertaining to those under their purview. For instance, Brian, who is at the top of the hierarchy, should have edit and view access to all rows of David, Wendy, and all individuals reporting to them.
Peer Access Restriction: Individuals on the same management level should not have access to each other's records. For example, while both Kate and Gonzales report to David, they should not be able to view or edit each other's rows.
No Upward Visibility: Lower-level managers or staff should not have access to their superiors’ records. For example, Gonzales should not have the ability to view or edit the rows that pertain to David or Brian.
Executive Exclusion: Certain high-level individuals, specifically Ian and Debra, should have no visibility or editing capabilities on this table, nor should their subordinates. They are part of the organizational structure but are not involved with this particular dataset.
I am seeking a step-by-step tutorial or resource that can guide me in setting up these specific permissions. What are the best practices for creating security roles, configuring tables, and assigning the correct permissions in Dataverse to achieve the above requirements?.
I appreciate any help or pointers you could provide, including links to comprehensive tutorials or documentation.
Thanks in advance.