https://community.sap.com/t5/application-development-and-automation-discussions/authorization-empty-in-pfcg/m-p/2703708#M626224 <HTML><HEAD></HEAD><BODY><P>i was reying to restrict dipaly access in my display role, in some cases actvt auth obj is pulling only create , generate.. inthis case i was inactivating that , if i keep it as empty with out selecting any restriction.. execute , change , genereating etc,.. with out tick marking unchecked all and saved. in that case what happens ? am not giving dummy " " does the user still get access ? please suggest</P><P>thanks</P><P>SR</P></BODY></HTML> Sun, 19 Aug 2007 03:38:22 GMT Former Member 2007-08-19T03:38:22Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-empty-in-pfcg/m-p/2703708#M626224 <HTML><HEAD></HEAD><BODY><P>i was reying to restrict dipaly access in my display role, in some cases actvt auth obj is pulling only create , generate.. inthis case i was inactivating that , if i keep it as empty with out selecting any restriction.. execute , change , genereating etc,.. with out tick marking unchecked all and saved. in that case what happens ? am not giving dummy " " does the user still get access ? please suggest</P><P>thanks</P><P>SR</P></BODY></HTML> Sun, 19 Aug 2007 03:38:22 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-empty-in-pfcg/m-p/2703708#M626224 Former Member 2007-08-19T03:38:22Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-empty-in-pfcg/m-p/2703709#M626225 <HTML><HEAD></HEAD><BODY><P>do not empty the activity value, only give 03 (display to all objects)</P></BODY></HTML> Sun, 19 Aug 2007 12:38:39 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-empty-in-pfcg/m-p/2703709#M626225 Former Member 2007-08-19T12:38:39Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-empty-in-pfcg/m-p/2703710#M626226 <HTML><HEAD></HEAD><BODY><P>Hi Raj,</P><P>To answer your question, if you deactivate the object how will it effect the authorizations.</P><P></P><P>It really depends on the transaction, if the transaction (source code) checks for the object and it is deactivated then it will fail. If the object is checked with certain fields specified but others not, then an unspecified field can have any entry in the Role/profile.</P><P></P><P>Take a look at SU24 against a transaction and do some tests, you can also look at the transaction source code and directly see the object being checked and its fields; look for AUTHORITY-CHECK.</P><P></P><P>I hope this helps.</P><P></P><P>Regards</P><P>Ashley</P></BODY></HTML> Sun, 19 Aug 2007 14:12:15 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-empty-in-pfcg/m-p/2703710#M626226 Former Member 2007-08-19T14:12:15Z