Restrict users from making repository changes
We want to restrict certain users from making workbench/repository changes. Is this possible through transaction PFCG by roles? If so, what authorizations do I need to customize?
I would suggest to activate the authorization trace (ST01) and then execute steps that you want to restrict (or allow) for those certain users. Once it's done you'll nee dto analyze trace identifying what authorizations need to be revoked (or granted) for users