cancel
Showing results for 
Search instead for 
Did you mean: 

Business roles and their access rights

0 Kudos

Has anyone any deep knowledge of business roles and their access restrictions?

I have a problem where one business role works fine but another one does not.

An OVS associated with the Business role is meant to display data (i.e local classifications)

However it does not display the old ones but rather just ones created then and there on the spot.

Accepted Solutions (1)

Accepted Solutions (1)

HorstSchaude
Product and Topic Expert
Product and Topic Expert

Hello Eamon,

It's mostly how the BO w.r.t access control is defined.

Please have a look at these sections in the documentation:

  • 7.2.2.2 Access Control Context (Business Object)
  • 7.2.2.23 Relevant for Access Control (Business Object)
  • 8.3.3.5 Define Access Control

HTH,
. Horst

Answers (1)

Answers (1)

HorstSchaude
Product and Topic Expert
Product and Topic Expert

Hello Eamon,

I've got this answer from a colleague:

Looks like an authorizations problem. The users seems to have the start authorization, but if I get you right, then the instance restrictions are not as expected. You need to check the instance restrictions of the business role in this case. Note that if users have multiple business roles, then they accumulate the authorization of all of them (which could explain also the difference)

HTH,
. Horst

0 Kudos

Hi Horst

Thanks for your response. I have discovered since I posted this question, that this problem lies with the creator of the Local Classifications data. The person who originally added the classifications into the solution on the frontend is no longer an employee(no longer part of the company still in the org but no longer valid) and therefore their user is invalid. As this is the case, all the classifications created by that user are now missing. However if you re-add the user via sales org, the data displays correctly.

Restriction should be made only upon the Sales Org of the Local classification entry and not related to the sales org of the creator of that local classification.

It should be possible to end the validity of the creator of the Local Classifications and still have them available for other active employees to select.

I believe this has to be corrected at PDI level in the scripting as there is no way to make the local classifications available on the frontend without having their creator valid in the Org and this is a Cross Market Issue although the incident refers only to one particular business role at present, it could eventually affect others in the future. There is something in the script that ties the classifications to the creator only and not to business role.

So at the moment, currently working on a solution in the PDI. If you have any thoughts on how to go about this feel free to provide me with your opinions, all help is greatly appreciated 🙂

Thanks

Eamon