Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ML81N - Display only Line Item & Restrict Accept Flag

Go to solution
melissa_tan
Explorer

‎11-16-2014 2:49 PM

0 Kudos

Hi,

I have these 2 requirements from the business and need expert opinion on it:

1)  My users have this issue wherein SOME users use ML81n to create the SES and then goes to the PO to get the PO line item for the services delivered. It turns out that everyone with the ML81N access are able to change the value/quantity of the Purchase Order.

So what the business wants to do now is to restrict everyone but the Purchase Requisioner to be able to change the line items of the Purchase Orders.

I have tried looking at the authorization objects M_BEST_EKO, M_BEST_BSA & M_BEST_WRK but it seems like it might be tedious since i may have to review the roles again (ie: making sure that only the Purchase Requisioner can make changes but everyone else has display only)

Or would a user-exit be a better option?

2) How to restrict certain users with ML81N from approving/releasing a SES? Would ensuring that activity 75 is not checked in auth objects M_BEST_EKO, M_BEST_BSA & M_BEST_WRK sufficient?

Looking forward to some feedbacks

thanks in advance,

Melissa

1 ACCEPTED SOLUTION

Go to solution
jagdeepsingh83
Active Contributor

‎11-17-2014 7:31 PM

0 Kudos

M_BEST_EKO is purchase order object whereas PR object name is M_BANF_EKO. Plus you have for service entry sheet.  You need to activity 75 and activity 03 for purchase order. It seems you have also given 02 authorization for purchase orders.  that is reason they are able to edit PO quantities.


I think you need to spend sometime with you Security consultant to test these scenarios. I will not recommend to for a user exit as it can be well control using authorization objects and roles.

2 REPLIES 2

Go to solution
former_member190893
Active Participant

‎11-17-2014 7:41 AM

0 Kudos

Hi, BASIS can restrict the values. ME22N option remove the all user except the PR creator or one User. for SES Release u know the particular person. u can give the authorization for that user Regards Kumar

Go to solution
jagdeepsingh83
Active Contributor

‎11-17-2014 7:31 PM

0 Kudos

M_BEST_EKO is purchase order object whereas PR object name is M_BANF_EKO. Plus you have for service entry sheet.  You need to activity 75 and activity 03 for purchase order. It seems you have also given 02 authorization for purchase orders.  that is reason they are able to edit PO quantities.


I think you need to spend sometime with you Security consultant to test these scenarios. I will not recommend to for a user exit as it can be well control using authorization objects and roles.