Authorization objects for transactions in SAP CRM
For transaction, the authorization check is run according to the following procedure:
1.Your own documents (authorization object CRM_ORD_OP)
2.Visibility in the organizational model (authorization object CRM_ORD_LP)
3.Territory check in claims management (authorization object CRM_ORD_TE)
4.Combination of several authorization objects (CRM_ACT, CRM_OPP, CRM_SAO, CRM_SEO, CRM_CO_SE, CRM_CON_SE, CRM_LEAD, CRM_CMP, CRM_CO_SA, CRM_CO_SC)
5.Authorization object CRM_ORD_PR
6.Authorization object CRM_ORD_OE
For CRM_ORD_OP - I have disabled the delete option.
For rest of the auth object, I have given full authorization. But the system is not considering the auth object: CRM_ORD_OP. The user is still able to delete the transaction.
However, if I disable the delete option for auth objects - CRM_ORD_PR & CRM_ORD_OE, its working fine i.e. user cannot delete the transaction.
Actually, our requirement is to govern the visibility of transaction document using auth object CRM_ORD_OP. But the system is not considering the auth object during authorization check.
Any inputs will be highly appreciated.