on 02-15-2010 7:36 PM
Hi
We have several companies in one client. For "Who is Who", the user has a P_ORGIN authorization to read the relevant infotypes. P_ORGIN is restricted to their own Personal Area (which at our site is 1:1 with company).
However, it the same user has read access across personell areas for IT2002, they see all companies in Who is who! As 2002 is not part of the result in who is who, it seems like a bug to me.
Has anyone experienced this behaviour?
Br
Kirsten
Authorization object P_ABAP was set for the report created by WIW. This is incorrect. Removed P_ABAP and problem solved.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
It2002? You mean infotype attendances? Please clarify
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes - the user has access to the attendance infotype cross company for other reasons.
But actually, it seems like if a user has access to any infotype cross company - this opens up Who is who for all companies.
In my view, who is who should not show personal data from other companies just because you have read access to eg. the attendance infotype.
Kirsten
User | Count |
---|---|
107 | |
12 | |
11 | |
6 | |
5 | |
4 | |
4 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.