Manager's problem with appraisal
Our MSS users are able to see their subordinates' appraisal documents, but not their own.
I am using evaluation path O-O-S-P for object O with RH_GET_MANAGER_ASSIGNMENT.
But now according to SU53, the system is asking for object P, with DISP and INSE to his own personnel number.
I tried to add object P without any evaluation path and FM into the Manager's structural profile, it works (manager can see his own appraisal document), BUT then it allows Managers to see other people's information as well, which is not right.
Nerxt, I tested again by adding FM RH_GET_MANAGER_ASSIGNMENT into the P object, and it doesn't work.
What's your advice?
Edited by: Theoz on Sep 25, 2008 9:24 AM
D. van Heumen replied
are you using the context solution?
if so, this can be resolved through the auth switch DFCON:
HR: Default position (context)
Authorization main switch that controls how the system reacts for
personnel numbers that are not linked to the organizational structure
(this means for those in the Organizational Assignment infotype (0001)
that have the default position as their position), if the context
solution is implemented.
In the standard system the switch is set to 1. You can set the switch to
1, 2, 3, or 4. The different switch settings determine how the system is
to react for personnel numbers that are not linked to the organizational
structure (this means those in the Organizational Assignment infotype
(0001) with the default position as their position).
You may want to use the organizational unit stored in the Organizational
Assignment infotype (0001) for the authorization check of such personnel
numbers (if available). If this is required, the main switch must be set
to 1 or 3. If it is not required the switch should be set to 2 or 4.
If the person is assigned the default position, but has no
organizational unit in the Organizational Assignment infotype (0001) (or
if this should not be evaluated), then you cannot perform an
authorization check using the organizational assignment. In this case
you can enter whether the system should allow authorization per default
or not. If you do not want to allow authorization per default, set the
main switch to 1 or 2. If you do want to allow it, enter 3 or 4. You
have the following combination options:
Evaluate org. unit/reject authorization per default: 1
Evaluate org. unit/allow authorization per default: 3
Never evaluate org. unit/reject authorization per default: 2
Never evaluate org. unit/allow authorization per default: 4
For non-context authorization objects, make the setting using the switch
if you're not using context, you should have a look at the ORGPD switch values as mentioned at the end of the quoted text above.
I hope this helps!