In SRM 4.0, we use the backend to determine what account authorization a user has. This has worked pretty well until we applied SP12.
All of our users were given the Employee job role in SRM in order to create carts. If the user is considered a central user, they can create carts using any account. After SP12, these users were only able to create carts to funds centers in their profile and it did not look at the fact that they also had central roles.
Our programmer has modified his authority check function module. However, this will look at users that have any central role. We don't want that to happen. Without completely modifying the function module, how do other organizations allow their central users to create carts using any account. Are they given a separate role on the SRM side that differs from the departmental users?
Would the separate role in SRM override their R3 security?
Any help and advice would be greatly appreciated. Thanks.