Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HR Authorizations-Country specific

Former Member

‎11-15-2007 6:48 PM

0 Kudos

Hi All,

Can you please let me know the best way to restrict HR users to process or view data specfic to a country. A HR user or manager in US should only be able to see data of US employees, and similaryly for all other countries.

I know I can use the Personnel Areas (which are country specific) in P_ORGIN to do this restriction, but this will end up in creating huge number of roles (approx 75 countries). If we have 10 roles and each role has to be country specific then we will end up with 750 roles which is a maintenance nightmare.

Can you please suggest any alternate approaches?

Thank you,

Jay

6 REPLIES 6

Former Member

‎11-16-2007 3:43 PM

0 Kudos

I feel you will have to create the desired no. of roles.

Only thing you can do is to create a global(GL) role., e.g. ZtestGL role which contains all the authorizations which have to be present with other 75 roles. Only difference can be the org level values which can be '*' for this role.

Create rest of the other country's role(affiliate roles) by deriving from this GL role. Only thing you need to change is org level values in the country's role keeping the other authorizations common.

In all you may have to create 10 GL roles, and it won't take too much of time in creating other roles by deriving them from the GL role.

Don't give GL role to any country. Keep it for reference and for further creation of other country roles(in future).

Hope it helps. Points are welcome!!

Former Member

‎11-16-2007 4:09 PM

0 Kudos

Hi Jayaroop,

This requirement is just what structural authorisations are designed for

Former Member
In response to Former Member

‎11-17-2007 12:17 AM

0 Kudos

Alex,

How would the structural auths help in country specific restriction. Is it not businness unit specif restiction where in we give access to the org unit and its tree? If a buiness unit is spread accross different different counries then how can we restrict based on country using structural authorizations?

Thanks,

Jay

Former Member
In response to Former Member

‎11-17-2007 1:46 AM

0 Kudos

ah, I see. Your expansion of the problem complicates things a bit - I will have to defer to someone with more knowledge of SA's I'm afraid. It sounds like the org structure you have in place with BU above country makes it more difficult.

Former Member
In response to Former Member

‎11-18-2007 8:09 AM

0 Kudos

Thanks Alex. I hope someone comes up with suggestions.

former_member74904
Contributor
In response to Former Member

‎11-19-2007 10:45 AM

0 Kudos

hi jayaroop,

I think the suggestion offered by Catastrophe is probably the best way to go.

by using derived roles you only have to build roles for the required functionality once. since the only variable in these roles will be organizational values such as personnel area etc. you can use the derivation principle for this with the variables being the required organizational levels.

good luck,

dimitri