03-26-2011 11:05 AM
We have a custom report in HR for late coming and early going. The transaction (custom) enforces a check on P_ORGIN and the user has requested restrcition on Personnel Area.
But even after enforcing the restriction the output is available for other Personnel Area as well.
The user is a test ID and is assigned only the role for this particular transaction and nothing else.
This is the access P_ORGIN that we have maintained:
Authorization level R
Infotype 0000, 0001, 0002, 0007, 2001, 2002, 2003
Personnel Area EUPA, PUPA, SUPA
Employee Group *
Employee Subgroup *
Subtype *
Organizational Key EUPA, PUPA, SUPA
The access should be restricted only to the Personnel Areas mentioned here but I can see the data for other Personnel Area as well
Kindly help me in guiding where I may be going wrong.
Regards,
Dipender
03-26-2011 5:41 PM
Hi,
Please run a ST01 trace and verify if the custom report has authority check for P_ORGIN and even if it does, verify if check for 'DUMMY' has been specified for the object field PERSA. In both cases, the restrictiona entered in user's role wouldn't work as expected.
You can alternately also use reports RSABAPSC or RPR_ABAP_SOURCE_SCAN for verifying the above mentioned points.
Please revert what you find.
Thanks
Sandipan