SAP Knowledge Base Article - Public

2253428 - How to restrict "Manage Advance Objects" access

Symptom

Manage Advances has no permission in the RBP role however the user can still see Manage Advance Objects through the Admin Center

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Environment

  • SAP SuccessFactors HXM Suite
  • SAP SuccessFactors Employee Central Metadata Framework

Reproducing the Issue

  1. Login to the instance
  2. Open Admin Centre
  3. Search for Manage Advance Objects
  4. You'll be able to access this view although you do not have permissions set up in the RBP. However there is no data displayed in this view

    advance.jpg

 

Cause

Before b1511 the permissions for the Manage Advance Objects link are based on the Read/Write permissions on Metadata Framework

These are needed however for other MDF actions and are not exclusive to Advances

advance01.jpg

From b1511 release, there is a separate RBP Permission to manage Advances called Advances Admin Overview which will manage the access rights of users to Manage Advance Objects.

 

Resolution

Please uncheck, in the relevant RBP, the edit/view permission to Advances Admin Overview to prevent non admin users to access Manage Advance Objects

Keywords

SF SuccessFactors Manage Advance Objects visible access permission RBP MDF EC , KBA , LOD-SF-EC-MDF , MDF & EC2MDF Migration , LOD-SF-EC-LOC , Localization & Country Specifics (EC Core) , Problem

Product

SAP SuccessFactors HXM Suite all versions