MSCRM - Security Role

Hi friend , I came across a requirement , it was something like , user would not able to write a entity record but able to associate a other entity with that record (1:m). So i solved this by using append property of security roles. :-)