Skip to Content
0

Deletion is working even after removing the 06 activity from the authorization object.

May 18, 2017 at 12:10 PM

129

avatar image

Hi there,

We were trying to restrict user access to create and change attachments in QC52 but not to delete, for this we removed 06 activity from all the roles that are in the authorization object C_DRAD_OBJ from PFCG. But even after this users are able to delete the attachments in QC52.

Quick help is appreciated

10 |10000 characters needed characters left characters exceeded

Best starting point on issues like this one is to run an authorization trace and check which objects and values are actually checked for an action. If you find RC=0 output for objects/field values which aren't in the users' roles/profiles you can also check SU24 to see if any checks have been disabled for transaction QC52.

1

Actually User has access for QC52 If he go to certificate and then attachment list...from there user is able to delete the attachment.

But we revoked the activity 06 from Authorization Object : C_DRAD_OBJ still its allowing user to delete the attachment.

0
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Best Answer
Jurjen Heeck May 19, 2017 at 10:52 AM
0

Yes, that is what you wrote earlier. Now try this with an authorization trace (ST01 or STAUTHTRACE) and see which objects and field values are actually checked when you delete an attachment.

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Hi Jurjen, Thanks for the help, we will try with the authorization trace and come to you :)

0