Merge branch 'main' into patch-3

Author: Nkrb

.DS_Store

@@ -7,6 +7,7 @@ _repo.*/
 
 .openpublishing.buildcore.ps1
 settings.json
+.DS_Store
 
 # Folder config file
 [Dd]esktop.ini

.gitignore

@@ -104,6 +104,8 @@
     href: impersonate-another-user.md
   - name: Service protection API limits
     href: api-limits.md
+  - name: Bypass Custom Business logic
+    href: bypass-custom-business-logic.md
   - name: Best Practices
     href: best-practices/work-with-data/index.md
   - name: Add and remove sample data

powerapps-docs/.DS_Store

@@ -1,6 +1,6 @@
 ---
 title: "Develop IPlugin implementations as stateless | MicrosoftDocs"
-description: "Members of classes that implement IPlugin are exposed to potential thread-safety issues which could lead to data inconsistency or performance problems."
+description: "Members of classes that implement IPlugin are exposed to potential thread-safety issues, which could lead to data inconsistency or performance problems."
 services: ''
 suite: powerapps
 documentationcenter: na
@@ -27,7 +27,7 @@ search.app:
 
 **Category**: Design, Performance
 
-**Impact potential**: High
+**Potential risk**: High
 
 <a name='symptoms'></a>
 
@@ -199,14 +199,14 @@ After Microsoft Dataverse instantiates the plug-in class, the platform caches th
 
 Because the platform caches plug-in class instances, the constructor is not called for every invocation of plug-in execution.  For this reason, IPlugin implementations should not depend on the timing of operations in the constructor apart from obtaining static configuration data. 
 
-Another reason IPlugins should be stateless is that multiple system threads could execute the same, shared, plug-in instance concurrently.  This opens up members of classes that implement IPlugin to potential thread-safety issues which could lead to data inconsistency or performance problems.
+Another reason IPlugins should be stateless is that multiple system threads could execute the same, shared, plug-in instance concurrently.  This opens up members of classes that implement IPlugin to potential thread-safety issues, which could lead to data inconsistency or performance problems.
 
 <a name='seealso'></a>
 
 ### See also
 
 [Write a plug-in](../../write-plug-in.md)<br />
-[CRM Team Blog: Thread Safety in Plug-ins](https://blogs.msdn.com/b/crm/archive/2008/11/18/member-static-variable-and-thread-safety-in-plug-in-for-crm-4-0.aspx)<br />
+[CRM Team Blog: Thread Safety in Plug-ins](https://cloudblogs.microsoft.com/dynamics365/no-audience/2008/11/18/member-static-variable-and-thread-safety-in-plug-in-for-crm-4-0/)<br />
 
 
-[!INCLUDE[footer-include](../../../../includes/footer-banner.md)]
+[!INCLUDE[footer-include](../../../../includes/footer-banner.md)]

powerapps-docs/developer/data-platform/TOC.yml

@@ -0,0 +1,196 @@
+---
+title: "Bypass Custom Business Logic (Microsoft Dataverse) | Microsoft Docs" 
+description: "Make data changes which bypass custom business logic" 
+ms.custom: ""
+ms.date: 05/27/2021
+ms.reviewer: "pehecke"
+ms.service: powerapps
+ms.topic: "article"
+author: "JimDaly" 
+ms.author: "jdaly" 
+manager: "ryjones" 
+search.audienceType: 
+  - developer
+search.app: 
+  - PowerApps
+  - D365CE
+---
+# Bypass Custom Business Logic
+
+There are times when you want to be able to perform data operations without having custom business logic applied. For example, if you are going to import a lot of records which you know already conform to the data consistency logic for your business. You want this operation to be done as quickly as possible, so the additional time spent processing custom logic for each request is something you want to avoid.  
+
+One option is to locate and disable the custom plug-ins that contain the business logic. But this means that the logic will be disabled for all users while those plug-ins are disabled. It also means that you have to take care to only disable the right plug-ins and remember to re-enable them when you are done.
+
+The option described here allows you to disable custom synchronous plug-ins for specific requests sent by an application configured to use this option.
+
+For these kinds of situations, you have the option to disable custom business logic which would normally be applied. There are two requirements:
+
+- You must send the requests using the `BypassCustomPluginExecution` option.
+- The user sending the requests must have the `prvBypassCustomPlugins` privilege. By default, only users with the system administrator security role have this privilege.
+
+> [!NOTE]
+> The `prvBypassCustomPlugins` is not available to be assigned in the UI at this time. You can add a privilege to a security role using the API. More information: [Adding the prvBypassCustomPlugins privilege to another role](#adding-the-prvbypasscustomplugins-privilege-to-another-role)
+
+## What does this do?
+
+This solution targets the custom synchronous business logic that has been applied for your organization. When you send requests that bypass custom business logic, all synchronous plug-ins and real-time workflows are disabled except:
+
+- Plug-ins which are part of the core Microsoft Dataverse system or part of a solution where Microsoft is the publisher.
+- Workflows included in a solution where Microsoft is the publisher.
+
+System plug-ins define the core behaviors for specific entities. Without these plug-ins you would encounter data inconsistencies that may not be easily fixed.
+
+Solutions shipped by Microsoft that use Dataverse such as Microsoft Dynamics 365 Customer Service, or Dynamics 365 Sales also include critical business logic that cannot be bypassed with this option.
+
+> [!IMPORTANT]
+> You may have purchased and installed solutions from other Independent Software Vendors (ISVs) which include their own business logic. The synchronous logic applied by these solutions will be bypassed. You should check with these ISVs before you use this option to understand what impact there may be if you use this option with data that their solutions use.
+
+## How do I use the BypassCustomPluginExecution option?
+
+You can use this option with either the Web API or the Organization service.
+
+### Using the Web API
+
+To apply this option using the Web API, pass `MSCRM.BypassCustomPluginExecution : true` as a header in the request.
+
+**Example request:**
+
+The following Web API request will create a new account record without custom business logic applied:
+
+```http
+POST https://yourorg.api.crm.dynamics.com/api/data/v9.1/accounts HTTP/1.1
+MSCRM.BypassCustomPluginExecution: true
+Authorization: Bearer [REDACTED]
+Content-Type: application/json
+Accept: */*
+
+{
+  "name":"Test Account"
+}
+```
+
+
+### Using the Organization Service
+
+There are two ways to use this with the Organization Service.
+
+#### You can set CrmServiceClient.BypassPluginExecution Property to true
+
+The following example sets the [CrmServiceClient.BypassPluginExecution Property](/dotnet/api/microsoft.xrm.tooling.connector.crmserviceclient.bypasspluginexecution) when creating a new account record:
+
+```csharp
+var svc = new CrmServiceClient(conn);
+
+svc.BypassPluginExecution = true;
+
+var account = new Entity("account")
+{
+    Attributes = {
+        { "name", "Test Account" }
+    }
+};
+
+svc.Create(account);
+```
+Because this setting is applied to the service, it will remain set for all requests sent using the service until it is set to false.
+
+#### You can set the value as an optional parameter with one of the Request classes
+
+The following example sets the optional `BypassCustomPluginExecution` parameter when creating a new account record:
+
+```csharp
+var svc = new CrmServiceClient(conn);
+
+var account = new Entity("account")
+{
+    Attributes = {
+        { "name", "Test Account" }
+    }
+};
+
+var createRequest = new CreateRequest
+{
+    Target = account
+};
+createRequest.Parameters.Add("BypassCustomPluginExecution", true);
+
+svc.Execute(createRequest);
+```
+This optional parameter must be applied to each request individually. You cannot use this with the 7 other IOrganizationService Methods, such as Create, Update, Delete. You can only use the [Execute method](/dotnet/api/microsoft.xrm.sdk.iorganizationservice.execute) using one of the classes that are derived from the [OrganizationRequest Class](/dotnet/api/microsoft.xrm.sdk.organizationrequest).
+
+You can use this method for data operations you initiate in your plug-ins.
+
+## Adding the prvBypassCustomPlugins privilege to another role
+
+Because the `prvBypassCustomPlugins` is not available in the UI to set for different security roles, if you need to grant this privilege to another security role you must use the API. For example, you may want to grant this privilege to a user with the system customizer security role.
+
+The `prvBypassCustomPlugins` privilege has the id `148a9eaf-d0c4-4196-9852-c3a38e35f6a1` in every organization.
+
+### Using Web API
+
+Associate the `prvBypassCustomPlugins` privilege to the security role using the `roleprivileges_association` collection-valued navigation property.
+
+**Request**
+
+```http
+POST [Organization URI]/api/data/v9.1/roles(<id of role>)/roleprivileges_association/$ref HTTP/1.1
+Content-Type: application/json   
+Accept: application/json   
+OData-MaxVersion: 4.0   
+OData-Version: 4.0 
+
+{  
+"@odata.id":"[Organization URI]/api/data/v9.1/privileges(148a9eaf-d0c4-4196-9852-c3a38e35f6a1)"
+} 
+```
+
+**Response**
+
+```http
+HTTP/1.1 204 No Content  
+OData-Version: 4.0  
+```
+
+More information: [Add a reference to a collection-valued navigation property](webapi/associate-disassociate-entities-using-web-api.md#add-a-reference-to-a-collection-valued-navigation-property).
+
+### Using the Organization Service
+
+Associate the `prvBypassCustomPlugins` privilege to the security role using the `roleprivileges_association` relationship.
+
+
+```csharp
+var roleId = new Guid(<id of role>);
+service.Associate(
+    "role",
+    roleId,
+    new Relationship("roleprivileges_association"),
+    new EntityReferenceCollection {
+        {
+            new EntityReference("privilege", new Guid("148a9eaf-d0c4-4196-9852-c3a38e35f6a1"))
+        }
+    }
+);
+```
+
+More information: [Associate and disassociate entities using the Organization Service](org-service/entity-operations-associate-disassociate.md).
+
+
+## Frequently asked questions (FAQ)
+
+### Does this bypass plug-ins for data operations by Microsoft plug-ins?
+
+No. If a synchronous plug-in or real-time workflow in a Microsoft solution performs operations on other records, the logic for those operations are not bypassed. Only those synchronous plugins or real-time workflows that apply to the specific operation will be bypassed.
+
+### Can I use this option for data operations I perform within a plug-in?
+
+Yes, But only when the plug-in is running in the context of a user who has the `prvByPassPlugins` privilege. For the Organization Service, set the optional `BypassCustomPluginExecution` parameter on the class derived from [OrganizationRequest Class](/dotnet/api/microsoft.xrm.sdk.organizationrequest). You cannot use the CrmServiceClient in a plug-in.
+
+### What about asychronous plug-in steps, asynchronous workflows and flows?
+
+Asynchronous logic is not bypassed. Asynchronous logic doesn't significantly contribute to the cost of processing the records, therefore it is not by passed by this parameter.
+
+## See also
+
+[Web API: Compose HTTP requests and handle errors](webapi/compose-http-requests-handle-errors.md)<br />
+[Passing optional parameters with a request](org-service/use-messages.md#passing-optional-parameters-with-a-request)
+

powerapps-docs/developer/data-platform/best-practices/business-logic/develop-iplugin-implementations-stateless.md

@@ -83,7 +83,7 @@ There are three levels where auditing can be configured: organization, table, an
  [Data management in Dynamics 365](/dynamics365/customer-engagement/developer/manage-data)   
  [Audit table data changes](/dynamics365/customer-engagement/developer/audit-entity-data-changes)   
  [Retrieve and delete the history of audited data changes](retrieve-and-delete-the-history-of-audited-data-changes.md)   
- [Sample: Audit table data changes](/dynamics365/customer-engagement/developer/sample-audit-entity-data-changes)   
+ [Sample: Audit table data changes](/dynamics365/customerengagement/on-premises/developer/sample-audit-entity-data-changes)   
  [Auditing data changes in Dynamics 365](/dynamics365/customer-engagement/developer/audit-entity-data-changes)
 
-[!INCLUDE[footer-include](../../includes/footer-banner.md)]
+[!INCLUDE[footer-include](../../includes/footer-banner.md)]

powerapps-docs/developer/data-platform/bypass-custom-business-logic.md

@@ -2,7 +2,7 @@
 title: "Create and use Custom APIs (Microsoft Dataverse) | Microsoft Docs" # Intent and product brand in a unique string of 43-59 chars including spaces
 description: "Custom API is a new code-first way to define custom messages for the Microsoft Dataverse" # 115-145 characters including spaces. This abstract displays in the search result.
 ms.custom: ""
-ms.date: 03/13/2021
+ms.date: 03/22/2021
 ms.reviewer: "pehecke"
 ms.service: powerapps
 ms.topic: "article"
@@ -68,7 +68,7 @@ See the following topics for detailed information about the columns/attributes y
 
 - [CustomAPI Table Columns](customapi-table-columns.md)
 - [CustomAPIRequestParameter Table Columns](customapirequestparameter-table-columns.md)
-- [CustomAPIRequestParameter Table Columns](customapirequestparameter-table-columns.md)
+- [CustomAPIResponseProperty Table Columns](customapiresponseproperty-table-columns.md)
 
 
 ## Invoking Custom APIs
@@ -477,7 +477,7 @@ A: You cannot. Although these records have the common **Status** and **Status Re
 
 ### Q: How can I use my private messages if they are not included in the Web API $metadata service document?
 
-A: Yes. Your private messages will work regardless of whether they are advertised in the Web API [CSDL $metadata document](webapi/web-api-types-operations.md#csdl-metadata-document) or not. While you develop your solution, you can leave the `IsPrivate` value set to `false`. This way you can refer to the `$metadata` listing and use code generation tools that depend on this data. However, you should set the `CustomAPI.IsPrivate` value to `false` before you ship your solution for others to use. If you later decide that you wish to support other applications to use the message, you can change the `CustomAPI.IsPrivate` value to `true`. 
+A: Yes. Your private messages will work regardless of whether they are advertised in the Web API [CSDL $metadata document](webapi/web-api-types-operations.md#csdl-metadata-document) or not. While you develop your solution, you can leave the `IsPrivate` value set to `false`. This way you can refer to the `$metadata` listing and use code generation tools that depend on this data. However, you should set the `CustomAPI.IsPrivate` value to `true` before you ship your solution for others to use. If you later decide that you wish to support other applications to use the message, you can change the `CustomAPI.IsPrivate` value to `false`. 
 
 More information: [Private Messages](org-service/use-messages.md#private-messages) and [Private messages cannot be used in plug-ins](#private-messages-cannot-be-used-in-plug-ins)
 
@@ -519,4 +519,4 @@ If you define your custom API to be private, you cannot use that message in a pl
 [CustomAPIRequestParameter Table Columns](customapirequestparameter-table-columns.md)<br />
 [CustomAPIRequestParameter Table Columns](customapirequestparameter-table-columns.md)
 
-[!INCLUDE[footer-include](../../includes/footer-banner.md)]
+[!INCLUDE[footer-include](../../includes/footer-banner.md)]

powerapps-docs/developer/data-platform/configure-entities-attributes-auditing.md

@@ -68,12 +68,10 @@ You can use the **Analyze in Power BI** option (**Data** > **Tables** > **Analyz
 
 ## Supported operations and data types
 
-For a detailed list of supported SQL operations on the Dataverse endpoint, see [How Dataverse SQL differs from Transact-SQL](how-dataverse-sql-differs-from-transact-sql.md).
-
-Any operation that attempts to modify data (that is, INSERT, UPDATE) will not work with this read-only SQL data connection. Dataverse option sets are represented as \<OptionSet\>Name and \<OptionSet\>Label in a result set.
+Any operation that attempts to modify data (that is, INSERT, UPDATE) will not work with this read-only SQL data connection. For a detailed list of supported SQL operations on the Dataverse endpoint, see [How Dataverse SQL differs from Transact-SQL](how-dataverse-sql-differs-from-transact-sql.md).
 
 The following Dataverse datatypes are not supported with the SQL connection: `binary`, `image`,
-`ntext`, `sql_variant`, `varbinary`, `virtual`, `HierarchyId`, `managedproperty`, `file`, `xml`, `partylist`, `timestamp`.
+`ntext`, `sql_variant`, `varbinary`, `virtual`, `HierarchyId`, `managedproperty`, `file`, `xml`, `partylist`, `timestamp`, `choices`.
 
 > [!TIP]
 > `partylist` attributes can instead be queried by joining to the `activityparty` table as shown below.
@@ -85,9 +83,17 @@ The following Dataverse datatypes are not supported with the SQL connection: `bi
 > group by act.activityid, act.subject
 > ```
 
+### Lookup column type behaviors
+Dataverse lookup columns are represented as \<lookup\>id and \<lookup\>name in a result set.
+
+### Choice column type behaviors
+Dataverse choice columns are represented as \<choice\>Name and \<choice\>Label in a result set.
+>[!TIP]
+> After making changes to labels for a choice column, the table needs to have customizations published. 
+
 ## Limitations
 
-There is an 80-MB maximum size limit for query results returned from the Dataverse endpoint. Consider using data integration tools such as [Export to data lake](../../maker/data-platform/export-to-data-lake.md) and [dataflows](/power-bi/transform-model/dataflows/dataflows-introduction-self-service) for large data queries that return over 80 MB of data. More information: [Importing and exporting data](../../maker/data-platform/import-export-data.md)
+There is an 80-MB maximum size limit for query results returned from the Dataverse endpoint. Consider using data integration tools such as [Azure Synapse Link for Dataverse](../../maker/data-platform/export-to-data-lake.md) and [dataflows](/power-bi/transform-model/dataflows/dataflows-introduction-self-service) for large data queries that return over 80 MB of data. More information: [Importing and exporting data](../../maker/data-platform/import-export-data.md)
 
 Dates returned in query results are formatted as Universal Time Coordinated (UTC). Previously, dates were returned in local time.