Authorization for generic object services - GOS - payroll data
Is there anyway to restrict what people see via GOS? I can't see any authorisations behind it except S_OC_ROLE. Seem users can view payroll details of a workflow agent in the workflow logs(view with technical details). Its a wild shot that an end user will find this information in the container tab but it look like a massive security flaw.
I will be interested to know if others have the same problem and how they resolved it.