on 06-08-2012 8:27 PM
Hi all,
In SRM 7.01, is it possible to separate PO approval access from PO Change access?
It seems that a user can only approve a PO if they have PO change access, however, we do not want a PO approver to be able to change a PO – we only want a PO approver to be able to approve a PO.
Any thoughts?
Cheers,
Hi AD,
Please check the process level configuration , where the process level in the process schema for the corresponding responsible resolver should be assigned level type as "Approved".
If its approved, then the approver can only either reject/approve the document with out changing.
Regards
Kannaiah kavuri
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Kannaiah.
I took a look at my workflow and it is already set to level type = "approval". Currently, the approver cannot approve (as I removed PO change security authorization). Only, after I add the PO change security authorization, is the approver able to approve the PO, however, they are then able to change a PO which is what we do not want. Is there another security role or configuration that I can use such that the approver can only approve, and not change the PO?
Thanks,
AD
Hello AD,
if what you describe is correct, then this is a SAP bug.
As Venkata wrote it, for process level type "Approval" from a process schema definition, approver is not able to change purchasing document, except adding notes and attachments (and rejection notes for Iinvoice and confirmation)
Check you metadata customizing for PO: perhaps, dynamic customer class and methods are populated: this could explain why PO is changeable by approvers for an approval process level.
Have a look at OSS note 1277921 - Allow-Disallow to edit fields for approver-reviewer
Regards.
Laurent.
Hi Laurent,
Thanks for the note
Once I add authorization object BBP_PD_PO Activity 02 to the user role, the user is able to approve / reject the PO. In this screen, they are NOT able to edit the PO (there is NO EDIT buttton - which is what I want), which also matches what you and Venkata describe above.
However, since they have this authorization object, there is nothing stopping the user from searching for a PO (in a report or a listing) or going to the "related documents" tab of a shopping cart, clicking on the PO, and changing the PO (as the EDIT button is visisble to them in this screen).
It is actually similar to another post I found on SDN - http://scn.sap.com/thread/1951139
Also, I looked at that OSS note 1277921 and it is not relevant to my release.
Thoughts?
Cheers,
AD
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.