Hide/Show fields in CRM 4.0 based on Security Role

Many people have developed ways to load the user's security roles as the page loads. Once you have the role you can do whatever you want on the screen with JavaScript (Hide, disable, pre-populate). This will work; however, please realize that this will make another web service call EVERY time the page loads. This means that there are performance and JavaScript issues that are inherited with this solution. Any way Zahara Hirani has a solution that can be found on his BLOG here.The Following is a clipping from the blog.
-------------------------------------------

In CRM 4.0, the “WhoAmI” method can be called using the CRM Service Execute method.
We first create an xmlhttp object and using the “Post” method specifies the request to be handled synchronously.

We then create the request object and using the xmlhttp send method retrieves the response.

The response can be accessed using xmlhttp.responseXML and can be loaded into an XML DOM object (xmlDoc).

The response xml returned contains the system user id and the business unit id associated to the system user.

Once we get the user id, we can use the UserManager web service and use the GetUserRoles method to retrieve all the security roles that exists in CRM.

All the roles that the system user is a part of will have a ‘checked=true’ value.
We then check if the current user has the role we are validating against and based on the result hide/show the certain fields.

Below is the code that would need to be placed in the entity’s OnLoad Event:

//Based on the role of the user logged in, hide the revenue tab on the opportunity
if(currentUserHasRole('Customer Service Representative'))
{
crmForm.all.estimatedrevenue.parentElement.parentElement.parentElement.style.display='none';
}
}
catch(e)
{
alert("There was an error with this field\'s customized event\u002e\n\nField\u003a crmForm\n\nEvent\u003a onload\n\nError\u003a " + e.description);
}
}
}

function getUserId()
{
try
{
var xmlhttp = new ActiveXObject("Msxml2.XMLHTTP");
xmlhttp.open("POST", "http://localhost/mscrmservices/2007/crmservice.asmx", false);
xmlhttp.setRequestHeader("Content-Type", "text/xml; charset=utf-8");
xmlhttp.setRequestHeader("SOAPAction", "http://schemas.microsoft.com/crm/2007/WebServices/Execute");
var soapBody = ""+ ""+ ""+ "";
var soapXml = "";
soapXml += GenerateAuthenticationHeader();
soapXml += soapBody;
soapXml += "";
xmlhttp.send(soapXml);
xmlDoc=new ActiveXObject("Microsoft.XMLDOM");
xmlDoc.async=false;
xmlDoc.loadXML(xmlhttp.responseXML.xml);
var userid = xmlDoc.getElementsByTagName("UserId")[0].childNodes[0].nodeValue;
return userid;
}
catch(e)
{
return null;
}
}

function getUserRoles(userId)
{
try
{
var command = new RemoteCommand("UserManager", "GetUserRoles");
command.SetParameter("userIds", "" + userId + "");
var oResult = command.Execute();
if (oResult.Success)
{
return oResult.ReturnValue;
}
}
catch(e)
{
return null;
}
}

function userHasRole(userId, roleName)
{
var hasRole = false;
result = getUserRoles(userId);
if (result != null)
{
var oXml = new ActiveXObject("Microsoft.XMLDOM");
oXml.resolveExternals = false;
oXml.async = false;
oXml.loadXML(result);
roleNode = oXml.selectSingleNode("/roles/role[name='" + roleName + "']");
if (roleNode != null)
{
if (roleNode.selectSingleNode("roleid[@checked='true']") != null)
{
hasRole = true;
}
}
}
return hasRole;
}

function currentUserHasRole(roleName)
{
userId = getUserId();
return userHasRole(userId, roleName);
}

function Crowe_Test()
{
if(true)
{
try
{