Wednesday 26 March 2014

How to enforce of authorization in Adhoc query

Read/write access to certain employee group for Basic Pay infotype has been restricted in user authorization profiles but the user was able to generate the pay information that should be filtered when performing an execution of adhoc query with output fields of Basic pay infotype.

User only authorizes to generate a query for only "non-clerical, clerical and senior clerical" but the query is showing information that suppose to be restricted (query containing information of "manager" group).

The correct query that suppose to be generate:
(ex: for clerical, non-clerical and senior clerical group only)

But query generated contains additional data that need to be restrict according to user authorization:

Ensure the authorization object "P_ABAP" be set to value "1" for ABAP program: SAPDBPNP

The incorrect settings:

The correct settings:

1 comment: