Skip to Content
0
Former Member
Jan 02, 2008 at 03:09 PM

S_PH9_46000172 (WTR) not restricting access to Org Key (VDSK1 in P_ORGIN

262 Views

Transaction: S_PH9_46000172 - Wage Type Reporter (WTR) is not restricting access to Corporate employees via Org Key (VDSK1 in P_ORGIN).

We have an HR Payroll Admin Role containing several transactions including:

S_PH9_46000172 - Wage Type Reporter (WTR)

PUOC_10 - Off-Cycle Wrkbench USA (OCWB)

PA30 - Maintain HR Master Data

This role should restrict access to Personnel Area (US Only) and Org Key (non-Corporate employees only). If an employee’s Org Key is populated, the Payroll Admin should not have access to that employee’s record.

For transactions: PA30 and PUOC_10, the restriction for viewing Corp vs. non-Corp employees works as designed (going through authorization checks in P_ORGIN). For transaction: S_PH9_46000172 (WTR), the Payroll Admins are able to view both Corp and non-Corp employees because the auth check is on P_ABAP and not P_ORGIN.

If we remove the P_ABAP authorization object from the role, the Off-cycle Workbench transaction (PUOC_10) does not produce any results (no data). Is there a way to keep the P_ABAP authorization in this role and have the WTR transaction (S_PH9_46000172) perform the check on P_ORGIN? Or is there another way to ensure the restriction for Org Key works properly for all transactions?

Thank you for any assistance or suggestions.