2484522 - Employees can Edit MDF Objects and Make Changes

SAP Knowledge Base Article - Public

2484522 - Employees can Edit MDF Objects and Make Changes

Symptom

In both our test and production environment we have noticed that user can edit custom objects such as time Off

USE CASE EXAMPLE:  after time off approval an employee can edit the time off request and change the externalCode externalName Payroll Code  

How to prevent this?

How to set permission on the objects?

Reproducing the Issue

Reproducing the above use case

This is an example, however all custom object are susceptible to  such unauthorise editing

In this case the user is able to edit the time of object after it has been approved

2017-06-02_09-18-25.png

The user is able to make changes to external code and successfully save the change. an action that can impact payroll

2017-06-02_09-16-31.png

Cause

The object has not been secured and

the RBP has not been configured

2017-06-05_11-45-14.png

Resolution

1- Secure the object and

2- Configure RBP

2017-06-05_11-45-51.png

The below configuration means that, the object RPB will be defined in Miscellaneous

2017-06-02_11-21-07.png

Once the above configuration is done, the object will now appear in the select area, in this case we have chosen Miscellaneaous.

2017-06-02_11-22-42.png

As you can see, user does not have editing right anymore, therefore will not be able to make any change but can view the details.

2017-06-02_11-24-08.png

See Also

 

2285199 - How to create a Custom Foundation Object

Keywords

Object Permissions MDF Permissions Object RBP MDF RBP , KBA , LOD-SF-EC-RBP , Roles & Permissions , LOD-SF-EC-MDF , MDF & EC2MDF Migration , LOD-SF-FWK , Architecture Framework & Extensions , How To

Product

SAP SuccessFactors HCM Core 1705