[E-Document] Expose E-Document Purchase Header / Line for country-app consumers

[Groenbech96]

Summary

• Removes Access = Internal from tables 6100 "E-Document Purchase Header" and 6101 "E-Document Purchase Line".
• Promotes EDocumentPurchaseLine.GetNextLineNo from internal procedure to public.

Why

Country-specific E-Document format apps need to populate draft purchase headers and lines from their own IStructuredFormatReader implementations. Today they can only do that by adding the country app to W1 E-Document Core's internalsVisibleTo, which is undesirable as a long-term pattern (every new country format = another internalsVisibleTo entry into a core W1 app).

Concrete driver: the upcoming DE XRechnung structured-format reader (ALAppExtensions #29097 / NAV PR 247053). Promoting these two staging tables to public API removes that coupling for DE and any future country format apps.

Scope

• Tables stay structurally unchanged. No fields added, removed, or renamed.
• Other internal procedures on these tables remain internal -- only GetNextLineNo is exposed (called from country handlers when appending lines).

Test plan

• BCApps build passes.
• Existing tests under W1 EDocument continue to pass unchanged.
• Downstream consumer (DE XRechnung handler) compiles against these promoted symbols without internalsVisibleTo.

[github-actions]

Could not find a linked ADO work item. Please link one by using the pattern 'AB#' followed by the relevant work item number. You may use the 'Fixes' keyword to automatically resolve the work item when the pull request is merged. E.g. 'Fixes AB#1234'

[github-actions]

$\textbf{🟠\ High\ Severity\ —\ Privacy} \quad \color{gray}{\texttt{\small Iteration\ 1}}$

CustomerContent data exposed to all extensions

Table 6100 holds numerous fields classified as CustomerContent (vendor names, addresses, VAT IDs, invoice amounts, remittance details, etc.). Making this table public means any installed extension can enumerate or exfiltrate this sensitive customer financial data without any additional permission check beyond what the session already holds.

Recommendation:

• Keep the table Access = Internal. If selective external access is truly needed, expose only non-sensitive derived or anonymised values through a public facade, and never expose the raw CustomerContent fields to arbitrary third-party code.

table 6100 "E-Document Purchase Header"
{
    Access = Internal;
    ReplicateData = false;

Line mapping was unavailable, so this was posted as an issue comment.

_{👍 useful · ❤️ especially valuable · 👎 wrong - reply with why}

[github-actions]

$\textbf{🟠\ High\ Severity\ —\ Privacy} \quad \color{gray}{\texttt{\small Iteration\ 1}}$

CustomerContent line data exposed publicly

Table 6101 is classified at the table level as DataClassification = CustomerContent, covering all line fields (item descriptions, quantities, unit prices, discounts, VAT rates, etc.). Making the table public allows any extension to access or extract this customer financial data, which conflicts with the principle of data minimisation and increases GDPR exposure.

Recommendation:

• Retain Access = Internal to limit data access to the owning extension. Expose only aggregated or anonymised data externally if cross-extension reporting is required.

table 6101 "E-Document Purchase Line"
{
    Access = Internal;
    DataClassification = CustomerContent;

Line mapping was unavailable, so this was posted as an issue comment.

_{👍 useful · ❤️ especially valuable · 👎 wrong - reply with why}

[github-actions]

$\textbf{🟠\ High\ Severity\ —\ Security} \quad \color{gray}{\texttt{\small Iteration\ 1}}$

Table access widened from Internal to Public

Removing Access = Internal from table 6100 changes its accessibility from the owning extension only to all extensions in the tenant. Any third-party extension can now directly read, insert, modify, or delete records in this table, bypassing intended encapsulation of the e-document import processing pipeline.

Recommendation:

• Retain Access = Internal unless there is a deliberate, documented reason to expose this table to external extensions. If external access is required, consider exposing only the necessary data through a dedicated API page or facade codeunit marked appropriately.

table 6100 "E-Document Purchase Header"
{
    Access = Internal;
    ReplicateData = false;

Line mapping was unavailable, so this was posted as an issue comment.

_{👍 useful · ❤️ especially valuable · 👎 wrong - reply with why}

[github-actions]

$\textbf{🟠\ High\ Severity\ —\ Security} \quad \color{gray}{\texttt{\small Iteration\ 1}}$

Purchase line table access widened to Public

Removing Access = Internal from table 6101 allows any extension to directly manipulate e-document purchase line records. This table drives the import and PO-matching workflow; external mutation of its records can corrupt the matching state, produce duplicate or incorrect purchase documents, and undermine the integrity guarantees of the import pipeline.

Recommendation:

• Restore Access = Internal on this table. If a partner integration scenario requires reading line data, expose it via a read-only API page rather than granting unrestricted table access.

table 6101 "E-Document Purchase Line"
{
    Access = Internal;
    DataClassification = CustomerContent;

Line mapping was unavailable, so this was posted as an issue comment.

_{👍 useful · ❤️ especially valuable · 👎 wrong - reply with why}

[github-actions]

$\textbf{🟡\ Medium\ Severity\ —\ Security} \quad \color{gray}{\texttt{\small Iteration\ 1}}$

Internal line-number utility exposed publicly

Changing GetNextLineNo from internal to public allows external extensions to invoke the procedure and obtain the next line sequence number. Combined with the table now being public, an external caller could use this to pre-allocate line numbers and insert records at predictable positions, leading to line-number collisions or intentional ordering attacks on the purchase line sequence.

Recommendation:

• Revert the procedure to internal procedure GetNextLineNo(...) to keep line-number management encapsulated within the extension.

Suggested change

	procedure GetNextLineNo(EDocumentEntryNo: Integer): Integer
	internal procedure GetNextLineNo(EDocumentEntryNo: Integer): Integer

_{👍 useful · ❤️ especially valuable · 👎 wrong - reply with why}