SAP Knowledge Base Article - Public

2723504 - Restricted Accounts can be Found inside other Accounts

Symptom

You have an account to the one you have access to. When you open this account and go to the Relationship facet, you will see other accounts maintained. Some of these accounts might be restricted to you and you might not be able to find them neither in the OWL nor in OVS.

Environment

SAP Cloud for Customer

Reproducing the Issue

  1. Go to the Customers work center.
  2. Go to the Accounts view.
  3. Search and open ABC (ABC represents an account you have access to)
  4. Go to the relationships facet.
    Result: You can see some accounts that you are restricted to see. Some information about the account might be displayed, such as the name, the address…
  5. Click any of the accounts you are restricted for.
    Result: You will not see any information, as you have no read access to it.

Cause

It was a design decision to display Account data of related Accounts on the Relationships Facet even if you are not authorized for this related Account. With this decision we ensure that we have an overall consistent behaviour on the UIs that display a list of Parties. All UIs Parties are displayed even though you might not be authorized for them.

It is neither possible to display details of such an Account without authorization (for example, on the Account TI) nor to select such an Account on the Account OVS.

Resolution

This is the system expected behaviour as per the details laid out above.

See Also

Blog: Access Control Management: Access restrictions explained – Restriction Rules

Keywords

account, relationship, restricted , KBA , LOD-CRM-ACC , Account , How To

Product

SAP Cloud for Customer 1811