Skip to Content
avatar image
Former Member

authorization empty in PFCG

i was reying to restrict dipaly access in my display role, in some cases actvt auth obj is pulling only create , generate.. inthis case i was inactivating that , if i keep it as empty with out selecting any restriction.. execute , change , genereating etc,.. with out tick marking unchecked all and saved. in that case what happens ? am not giving dummy " " does the user still get access ? please suggest

thanks

SR

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Aug 19, 2007 at 12:38 PM

    do not empty the activity value, only give 03 (display to all objects)

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Aug 19, 2007 at 02:12 PM

    Hi Raj,

    To answer your question, if you deactivate the object how will it effect the authorizations.

    It really depends on the transaction, if the transaction (source code) checks for the object and it is deactivated then it will fail. If the object is checked with certain fields specified but others not, then an unspecified field can have any entry in the Role/profile.

    Take a look at SU24 against a transaction and do some tests, you can also look at the transaction source code and directly see the object being checked and its fields; look for AUTHORITY-CHECK.

    I hope this helps.

    Regards

    Ashley

    Add comment
    10|10000 characters needed characters exceeded