First you need to know the object name before you go into the AOT. You can do this with a right click when in a form and select Personalize and the Information tab.
Once in the AOT, navigate to an object, right click, select Add-Ins > Security tools. There are 3 sub-functions available when looking at menu items (You will see this function on any AOT object, but likely with limited or in some cases no functionality):
- View related security roles is the key one to use as a security administrator.
- View related security objects goes a bit deeper technically and most useful for developers.
- Security development tool will take you to this tool if you have it installed. (This is a topic of another blog in this series!)
The sub-function that I use in particular is View related security roles. Displayed will be all the roles, duties, and privileges that have access to this menu. Further it will display the permission access level - Full control, View, etc. Please note that there is one bug with this form. It displays the role and sub-role. If you have embedded roles more than 2 deep, the information may not be accurate.
Please refer back to my first post in this series, AX 2012 Security Unwrapped Series - Understanding Role Based Security, that describes the security object hierarchy and the permission access levels.
With this information, you will see all the privileges that have access to either view or update. Additionally, you will understand the duties and roles that the privilege is a part of which will help you decide how you want to grant access to this menu item if requested (and who currently has access)! The basics for maintaining security was described in my previous post in this series, AX 2012 Security Unwrapped Series - Explaining Security Menu.