Transaction: S_PH9_46000172 - Wage Type Reporter (WTR) is not restricting access to Corporate employees via Org Key (VDSK1 in P_ORGIN).
We have an HR Payroll Admin Role containing several transactions including:
S_PH9_46000172 - Wage Type Reporter (WTR)
PUOC_10 - Off-Cycle Wrkbench USA (OCWB)
PA30 - Maintain HR Master Data
This role should restrict access to Personnel Area (US Only) and Org Key (non-Corporate employees only). If an employees Org Key is populated, the Payroll Admin should not have access to that employees record.
For transactions: PA30 and PUOC_10, the restriction for viewing Corp vs. non-Corp employees works as designed (going through authorization checks in P_ORGIN). For transaction: S_PH9_46000172 (WTR), the Payroll Admins are able to view both Corp and non-Corp employees because the auth check is on P_ABAP and not P_ORGIN.
If we remove the P_ABAP authorization object from the role, the Off-cycle Workbench transaction (PUOC_10) does not produce any results (no data). Is there a way to keep the P_ABAP authorization in this role and have the WTR transaction (S_PH9_46000172) perform the check on P_ORGIN? Or is there another way to ensure the restriction for Org Key works properly for all transactions?
Thank you for any assistance or suggestions.