Travel & Expense security.
We are using WF to approve travel expenses. For a manager to be able to approve the trips, we are told that he needs aut.object P_TRAVL (field AUTHP = E). However - when given this authorization, the manager also gets access to a button "Change personnel number" in TRIP (or ESS). Via this he can actually create travel expenses for any employee he otherwise has access to.
This is viewed by our users as a security lopphole - which we agree on. Any hints how to solve this without having to dim out the button via code repairs? Can it be solved via field AUTHF?