on 08-06-2020 1:01 PM
Hi All,
I have created a user with role of cashier in which he can do the day end closing but in the permissions i have set the Show current cash balance to NO.
So in that case after proceeding from this screen to next and if he want to change something on this screen again then he have to enter admin password for that.
The issue with this is that if he goes back to this screen which i have attached the screenshot of and changes the values to which ever he wants and press the Discard changes button then the values which he has updated will get saved and he will proceed to this screen with updated values
So by doing this he can update the values without any authorization which I think shouldn't be the case.
Let me know if you need any clarification about this scenario
Hi Raveed, this sounds like a bug, I would suggest to open an incident for the SAP support to get this fixed.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello raveedriaz,
The fix is now also contained in 2.0 FP09. See release note 2963546.
Fix: Remove broken discard changes button.
Symptom: Removed a button called 'discard changes'. This button was only shown in a specific scenario and imposed a security risk so it has been removed
Prerequsite:
Best regards,
Gunther
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello raveedriaz,
This is fixed in SAP Customer Checkout Feature Pack 10 (planned release in October 2020).
In FP10 the Discard changes button will not be available to a such a user during day-end closing.
Kind regards,
Gunther
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
5 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.