Skip to Content
0

Business roles and their access rights

Jul 18, 2017 at 09:39 AM

50

avatar image
Former Member

Has anyone any deep knowledge of business roles and their access restrictions?

I have a problem where one business role works fine but another one does not.

An OVS associated with the Business role is meant to display data (i.e local classifications)

However it does not display the old ones but rather just ones created then and there on the spot.

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Best Answer
Horst Schaude
Jul 21, 2017 at 01:07 PM
1

Hello Eamon,

It's mostly how the BO w.r.t access control is defined.

Please have a look at these sections in the documentation:

  • 7.2.2.2 Access Control Context (Business Object)
  • 7.2.2.23 Relevant for Access Control (Business Object)
  • 8.3.3.5 Define Access Control

HTH,
. Horst

Share
10 |10000 characters needed characters left characters exceeded
Horst Schaude
Jul 20, 2017 at 12:29 PM
1

Hello Eamon,

I've got this answer from a colleague:

Looks like an authorizations problem. The users seems to have the start authorization, but if I get you right, then the instance restrictions are not as expected. You need to check the instance restrictions of the business role in this case. Note that if users have multiple business roles, then they accumulate the authorization of all of them (which could explain also the difference)

HTH,
. Horst

Show 1 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Hi Horst

Thanks for your response. I have discovered since I posted this question, that this problem lies with the creator of the Local Classifications data. The person who originally added the classifications into the solution on the frontend is no longer an employee(no longer part of the company still in the org but no longer valid) and therefore their user is invalid. As this is the case, all the classifications created by that user are now missing. However if you re-add the user via sales org, the data displays correctly.

Restriction should be made only upon the Sales Org of the Local classification entry and not related to the sales org of the creator of that local classification.

It should be possible to end the validity of the creator of the Local Classifications and still have them available for other active employees to select.

I believe this has to be corrected at PDI level in the scripting as there is no way to make the local classifications available on the frontend without having their creator valid in the Org and this is a Cross Market Issue although the incident refers only to one particular business role at present, it could eventually affect others in the future. There is something in the script that ties the classifications to the creator only and not to business role.

So at the moment, currently working on a solution in the PDI. If you have any thoughts on how to go about this feel free to provide me with your opinions, all help is greatly appreciated :)

Thanks

Eamon

0