Change Document: v2.3.4.0 — Complete Customer Template Permission Coverage (ISSUE-12 Final Fix)
| Field | Value |
|---|---|
| Version | 2.3.4.0 |
| Date | 2026-03-09 |
| Extension | BC Dialing Application (Cambay Solutions) |
| Severity | Critical — eliminates remaining HTTP 403 NavPermissionException on new customer creation |
| Status | Compiled — ready for deployment |
Background
v2.3.3.0 deployed to Production on 2026-03-09 and addressed the permission gaps identified in the initial ISSUE-12 root cause analysis — five tables accessed by the ECOMMERCE template's field validation (Salesperson/Purchaser, Payment Terms, Currency, Country/Region) and the BestwayUSA INVCCustomerAreaDimension subscriber (General Ledger Setup).
Post-deployment telemetry confirms HTTP 403 NavPermissionException is still occurring on 100% of new customer creation attempts. The BCDIALER-0020 breadcrumb trace shows all attempts reaching step 5 (InitCustomerNo complete, calling Insert(true).) but never logging step 6 (ApplyCustomerTemplate), confirming the failure is inside Customer.Insert(true).
Why v2.3.3.0 Didn't Fully Resolve It
The v2.3.3.0 analysis traced the permission gaps from the Nextiva API payload — the fields the Nextiva system sends when creating a customer (salespersonCode, paymentTermsCode, currencyCode, country, type, taxLiable). However, the ECOMMERCE template record in BC contains additional fields beyond what the Nextiva payload specifies. The template's own data populates these fields during ApplyCustomerTemplate, and their Validate() triggers access setup tables not in the Nextiva payload analysis.
The Second ApplyCustomerTemplate Call
The BestwayUSA extension's INVCSalesHandler.OnAfterInsertCustomer subscriber (INVCSalesHandler.Codeunit.al, line 255) fires as part of Customer.Insert(true) via OnAfterInsertEvent. It finds the ECOMMERCE template by matching the customer's No. Series and calls CustTemplateMgmt.ApplyCustomerTemplate(Rec, CustTemplate). This is a second, complete pass through all template fields — it runs inside Insert(true), before the page's own ApplyCustomerTemplate call at step 6. If any template field's Validate() trigger accesses a table not in the page's inline Permissions, the entire Insert(true) call fails with a 403, and breadcrumb step 6 never fires.
The v2.3.3.0 analysis accounted for this subscriber but assumed the tables it accessed were already covered by the five new additions. In practice, the ECOMMERCE template has fields set that access additional setup tables that were not included.
Resolution Strategy
Rather than attempting to identify the single missing table through additional telemetry rounds — which would require another deploy-and-observe cycle — this version adds all 13 remaining standard Customer Templ. field tables at once. The standard Customer Templ. table (1382) in BC v27 has 22 fields with table relations. v2.3.3.0 covered 9 of them; this version adds the remaining 13, bringing the total to 22 covered (plus all other tables from prior versions). This permanently closes all permission gaps for the customer template application path regardless of what field values the ECOMMERCE template contains.
Permission declarations are additive — granting a permission to a table that the code never actually accesses has zero runtime impact.
Summary of Changes
| # | Severity | Category | Description |
|---|---|---|---|
| 1 | Critical | Fixed | Added 13 remaining Customer Templ. field tables to Pages 80000, 80003, and CU-60000 inline Permissions — covers every setup table accessed by Validate() triggers when ApplyCustomerTemplate runs on any standard BC Customer Template |
Detailed Changes
1. Complete Customer Template Permission Coverage — Pages 80000, 80003, and CU-60000
Files modified:
src/Page/Pag-80000.ReceivePhoneNumber.alsrc/Page/Pag-80003.ReceiveEmail.alsrc/Codeunit/CU-60000.PhoneIntegration.al
Tables added to inline Permissions:
| Table | BC Table No. | Permission | Accessed By Validate() When |
|---|---|---|---|
Customer Price Group | 6 | R | Template sets Customer Price Group Code |
Tax Area | 318 | R | Template sets Tax Area Code (US taxable customers) |
Payment Method | 289 | R | Template sets Payment Method Code |
Shipment Method | 10 | R | Template sets Shipment Method Code |
Language | 8 | R | Template sets Language Code |
Finance Charge Terms | 5 | R | Template sets Fin. Charge Terms Code |
Territory | 26 | R | Template sets Territory Code |
Customer Discount Group | 340 | R | Template sets Customer Disc. Group |
Shipping Agent | 291 | R | Template sets Shipping Agent Code |
Reminder Terms | 431 | R | Template sets Reminder Terms Code |
Responsibility Center | 5714 | R | Template sets Responsibility Center |
Location | 14 | R | Template sets Location Code |
Post Code | 225 | R | Template sets Post Code |
Updated Permissions property (33 tables, up from 20):
Permissions = tabledata CustomerPhoneLog = RIM,
tabledata Customer = RIM,
tabledata "NextivaConfig" = R,
tabledata "Customer Templ." = R,
tabledata "No. Series" = R,
tabledata "No. Series Line" = RM,
tabledata "Sales & Receivables Setup" = R,
tabledata "Marketing Setup" = R,
tabledata Contact = RIM,
tabledata "Contact Business Relation" = RIM,
tabledata "Business Relation" = R,
tabledata "Default Dimension" = RIM,
tabledata "Dimension Value" = R,
tabledata "Customer Posting Group" = R,
tabledata "Gen. Business Posting Group" = R,
tabledata "VAT Business Posting Group" = R,
tabledata "Salesperson/Purchaser" = R,
tabledata "Payment Terms" = R,
tabledata "Currency" = R,
tabledata "Country/Region" = R,
tabledata "General Ledger Setup" = R,
tabledata "Customer Price Group" = R,
tabledata "Tax Area" = R,
tabledata "Payment Method" = R,
tabledata "Shipment Method" = R,
tabledata Language = R,
tabledata "Finance Charge Terms" = R,
tabledata Territory = R,
tabledata "Customer Discount Group" = R,
tabledata "Shipping Agent" = R,
tabledata "Reminder Terms" = R,
tabledata "Responsibility Center" = R,
tabledata Location = R,
tabledata "Post Code" = R;
Permission History
| Version | Tables | Change |
|---|---|---|
| 2.0.0.12 | 2 | CustomerPhoneLog, Customer |
| 2.2.1.0 | 15 | +13 standard BC tables for Insert(true) and ApplyCustomerTemplate base flow |
| 2.3.3.0 | 20 | +5 tables for ECOMMERCE template field validation and BestwayUSA event subscribers |
| 2.3.4.0 | 33 | +13 tables — all remaining standard Customer Templ. field tables, permanently closing the template permission gap |
Root Cause of Multi-Version Investigation
The permission gaps required multiple versions to fully close because:
- v2.2.1.0 — identified from HTTP 403 rate. Traced the Customer creation flow and added tables for the base
Insert(true)andApplyCustomerTemplateflows. - v2.3.3.0 — traced the Nextiva API payload fields and identified the cross-extension BestwayUSA subscriber. Added 5 tables. Did not fully enumerate the ECOMMERCE template's own data fields because the analysis was based on the Nextiva payload rather than the full template record in BC.
- v2.3.4.0 — recognizes that
ApplyCustomerTemplateapplies ALL fields from the template record (not just the ones the Nextiva API sends), and the secondApplyCustomerTemplatecall fromINVCSalesHandler.OnAfterInsertCustomerruns insideInsert(true)before our breadcrumb step 6 can fire. Adds every remaining standardCustomer Templ.field table to permanently close all gaps.
The BC Application Insights telemetry (RT0008 event) captures NavPermissionException as the failureReason but does not include the specific table name in the logged dimensions. Querying the ECOMMERCE template directly via OData to enumerate its field values was attempted but was not achievable — the customerTemplates entity is not exposed via the OData v4 service in this BC environment, and the v2.0 API path returned 404. The comprehensive enumeration of all standard Customer Templ. fields was used as an alternative.
Impact on Related Issues
| Issue | Impact |
|---|---|
| ISSUE-12 (403 permissions — CRITICAL) | Final fix. Covers all 22 standard Customer Templ. field table relations. New customer creation should succeed regardless of which fields the ECOMMERCE template has set. |
| ISSUE-14 (Job Queue 91% error rate) | Self-resolves. Future calls will create customers. |
| ISSUE-13 (stale page error) | Partial mitigation. If the stale page error was triggered by Insert(true) failing mid-write, this fix eliminates that trigger. The root cause of CE-0250097's specific error still needs separate investigation. |
| ISSUE-15 (email log backlog) | No direct impact. |
Object Inventory
No new objects. Modified objects only:
| Object | ID | Type | Status | Description |
|---|---|---|---|---|
| ReceivePhoneNumber | 80000 | Page | Modified | Added 13 table permissions (33 total) |
| ReceiveEmail | 80003 | Page | Modified | Added 13 table permissions (33 total) |
| PhoneIntegration | 60000 | Codeunit | Modified | Added 13 table permissions (33 total) |
Deployment Notes
- No data migration required — permission declaration only, no behavioral changes
- No configuration changes required
- Backwards compatible — additive permissions, no logic changes
- Supersedes v2.3.3.0 — deploy this version directly. All changes from v2.3.1.0, v2.3.2.0, and v2.3.3.0 are included.
- Verification: After deployment, trigger an inbound call to a phone number not in BC (new customer creation path). The call should return HTTP 201 instead of 403. Breadcrumb step 6 (
ApplyCustomerTemplate) and step 7 (Modify) should appear in Application Insights within 5-10 minutes. - Post-deployment monitoring: Query
RT0008events for HTTP 403 on objects 80000 and 80003. Rate should drop to zero. Any remaining 403s are outside the customer creation path.
Known Limitations
- BestwayUSA extension changes — If Innovia modifies the BestwayUSA extension to add new event subscribers on the Customer table that access tables outside this permission list, the list would need updating. This is an inherent risk of cross-extension event-driven architecture in BC.
- Non-standard templates — If the NextivaConfig
Customer Template Nameis changed to a template that uses custom fields from the BestwayUSA or other extensions (outside the standardCustomer Templ.table), those tables would need to be added. The 33 tables now covered represent the complete set of standard BC Customer Template field table relations. - Orphaned phone logs from ISSUE-14 — Records that errored before this fix can be reprocessed via the Manual Sync page (80009) after deployment.