Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Access to sensitive info within IT0002

Former Member

‎07-24-2008 3:02 PM

0 Kudos

Hi

does anyone know if possible - somehow - to restrict access to date of birth within Infotype 0002? We normally restrict on Infotype level and not fields so probably not but just hoping that I might be wrong.....:-)

Thanks for any advice

Nadia

6 REPLIES 6

former_member74904
Contributor

‎07-25-2008 9:18 AM

0 Kudos

hi nadia,

restriction on field level is typically done through a combination of screencontrol of infotypes and features and not through authorizations per se.

if you use table T588M you have the abililty of showing/hiding/restrict from editting etc. per field in the concerned infotype.

with this you can restict certain users to either see or not see the sensitive fields in the infotype.

good luck!

dimitri

Former Member
In response to former_member74904

‎07-28-2008 5:30 PM

0 Kudos

Hi Dimitri,

Can you elaborate on this ? How you can restrict access using this table.

former_member74904
Contributor
In response to former_member74904

‎07-29-2008 8:45 AM

0 Kudos

hi phoenix,

let me try to briefly explain the infotype screen control. in table T588M you can select the corresponding modulepool for the infotype. in our case this would be MP000200. look for the entry that corresponds with your country code. for me (in the netherlands) this would be 05 (variable key, which in turn is the return value for the feature P0002). if I click on the details-button (ctrlshiftF2) the following screen appears:

[screenshot|http://dimitrivanheumen.googlepages.com/T588M_detail.JPG|screenshot]

here you can see that for example religious denomination is considered a privacy issue and is therefore hidden from view when accessing IT0002 in PA20/PA30.

I hope I was able to clarify this a little...

dimitri

Former Member

‎07-29-2008 8:50 AM

0 Kudos

Dimitri

thanks for the solution with the table, we are definitely thinking about it however I have another question

I suppose that restricting the view of a specific field would restrict it for everybody

I would like to restrict certain fields for most of the users only (e.g. ESS users) however I would still need to open up the access for HR and Payroll people.

Thanks for any suggestion you might have!

Nadia

former_member74904
Contributor
In response to Former Member

‎07-29-2008 9:19 AM

0 Kudos

hi nadia,

the feauture does exactly what you want to be done. in my example, I have used the country code 05. the feauture P0002 looks for your corresponding MOLGA value (which are stored in the parameter tab in SU01).

using the MOLGA value is not obligatory, you might as well use any other parameter to identify ESS users and HR/payroll users so they each have a different view of the infotype.

in the detail screen of T588M, there's a button which brings you directly to the feature editting screen (PE03). there you can specify the decision tree to use view 'A' for ESS users and view 'B' for HR/payroll for example..

good luck!

dimitri./

Former Member

‎11-20-2012 11:50 PM

0 Kudos

Hello Nadia,

If you  would like to restrict certain fields for most of the users only you will need to use feature (PE03 transaction code) for table P0002. Now, I understand that you want the field to remain available for HR & Payroll users and not for ESS users. Below is a step by step instruction to work this out :

1) Go to Transaction SM30 - Table T588M - Maintain (look for screen # 2010 -Alternate Screen). Double click.

2) Check for screen field - Q0002-PERID. Click on Hide

3) On the top of the screen enter a value (eg. 99) on the variable key field. Then click on Feature button below. (This will take you directly to the Feature function). Enter P0002.

4) Inside the feature :

                         a) Click ITBLD and expand it.

                         b) Go to Otherwise node and Expand it.

                         c) Select Country US under MOLGA. and click on the Create icon.

                         d) A pop up will appear- choose 'Field for decision operation' and hit enter key.

                         e) Choose the BTRTL field for Personnel Subarea and click on Transfer.

NOTE : It's my assumption that HR & Payroll must be in a separate Personnel Subarea in your company. If they are not then we may need to look at an alternative way to distinguish your HR & Payroll group from the rest of the company population.

                         f) This will take you back on the initial Feature screen.

                         g) Highlight BTRTL field and click on Create again.

                         h) Highlight Human Resources department (or the area that separates HR & Payroll department from the others) from the list of Personnel Subareas and click the check button.

                          i) Highlight the PSA and click on Create one more time. (this should be your last; I promise )

                          j) On the pop up window choose the Return Value radio button and enter the same value you entered earlier in in the Variable Key field (in the eg. it's 99). Hit on enter to return back to the feature.

                        k) Finally delete the additional Otherwise node to maintain feature consistency and YOU ARE GOOD to Goooo!!!!

Let me know if that works - if not we always have an alternative

Good Luck!!!

Puneet