P_Perno
All,
Quick question for you all-
We have Deloitte Security Person created HR Role
I see P_ORGINCON has been given
R access for Few Info Types.
P PERNO is given the vaule of
Maintained HR: Master Data -> Personnel Number Check
Authorization level W
Infotype *
Interpretation of assigned per E
Subtype *
Does this mean user has access to All the infotypes
and can edit or write access for everyone. but himself ?
Does it matter what P_ORGINCON object has for this role?
Please advise.
From
Praveen,
Does this mean user has access to All the infotypes
and can edit or write access for everyone. but himself ?
Does it matter what P_ORGINCON object has for this role?
in your example the user has read access to 'a few infotypes' and is excluded from write access (hence the 'E' in the PSIGN field) for his own data.
if the PSIGN field were 'I' (include) the user in your example would have been granted full access to all infotypes (only his own data).
access to other employee data is regulated through the P_ORGINCON objects.
Similar Messages
-
Scenario:
We have two Roles one for ESS (EXISTING ROLE)and other one for Performance Appraisal. (NEW ROLE)
Both Roles has P origincon & P_perno.
NEW ROLE that will be added to user has following values:
for P_PERNO.
Manually HR: Master Data - Personnel Number Check
Authorization level R
Infotype *
Interpretation of assigned per *
Subtype *
Manually HR: Master Data - Personnel Number Check
Authorization level *
Infotype *
Interpretation of assigned per E
Subtype ' '
HR: Master Data - Personnel Number Check
Authorization level *
Infotype *
Interpretation of assigned per E
Subtype *
Old Existing Role has following P_PERNO values.
Authorization level D, E, M, R, S, W
Infotype 0002, 0006, 0009, 0021, 0077, 0105, 0106, 0167, 0168, 0169
Interpretation of assigned per I
Subtype *
HR: Master Data - Personnel Number Check Z:HRPRTESS09
Authorization level M, R
Infotype 0000, 0001, 0003, 0007, 0008, 0171, 0378
Interpretation of assigned per I
Subtype *
Question is ->
Would P_perno Value from NEW Role overwrite
P_perno values in EXISTING Role? Please advise.
Thanks,
From,
PranavHowever, since PSIGN = * and * can be substituted for any value, PSIGN and E can also be interpreted as I. This can also lead to an undefined situation. In earlier releases, the authorization was denied on the basis of the rule E is stronger than I. This meant that superusers with assigned personnel numbers were not able to access their own personnel number. The programs have since been changed and now * is interpreted as I and is stronger than E. In other words, * is stronger than E and E is stronger than I, whereby * is interpreted as I.
this means that any P_PERNR object with PSIGN value * will overrule any other P_PERNR object with PSIGN = E.
with this in mind, the new role would overrule all values from the old role.
Maybe you are looking for
-
I rented Argo in iTunes on my iPad, it downloaded, yet it does not show up in my library.
I rented Argo in iTunes on my iPad, it downloaded, yet it does not show up in my library. I have the most updated version of iTunes on my laptop and Apple TV. I logged onto my computer (Windows) and tried renting it again, iTunes store told me 'you h
-
Dual Display - help with Cinema Display for MacBook Pro where MB won't detect displays.
I just got a Cinema Display (a1081 20") ("CD") off eBay to use as a dual screen with my Macbook Pro OS X 10.6.8 ("MB"). However, I can't get MB to recognize CD! I've tried power cycling both the MB and the CD with and without USB cord connected. MB w
-
How can I press keyboard to play vdo only once!
Hi, I'm here again for your help :{ I have a question which I tried to google it but can't find the answer. Well,..May be there is an answer but I just can't make it works? I'm in a process of learning AS3 so let's say I'm still new here. What I'm do
-
Error with sap businees client
how to rectify these error
-
HT1498 Why is it taking 8 hours to download a rented movie?
Why is it taking 8 hours to load a rented movie on ITV?