Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

over authorization

bashayreh
Explorer

‎2020 Mar 03 3:18 PM

0 Likes
1,076

Hi everyone

in order to give access for a user on a fiori tile, I created a Role that contains the Technical Catalogue of that tile. the result is that the user is able to add new tiles and use them while he should not be able to do so. for example a sales representative is getting access to changing the cost price of items!

please advise what is the best way to solve my issue

best regards

3 REPLIES 3
Read only

VeselinaPeykova
Active Contributor

‎2020 Mar 04 6:09 AM

1,012

You are not supposed to use technical catalogs directly for creating user roles.

The recommended approach is to create business catalogs referencing technical catalogs with only the needed apps, then you create groups (well thought out groups can make the life of users a bit easier) and use these when you create the PFCG roles.

For more information - refer to the official help documentation: Best Practices for Managing Catalogs.

There is also a nice self-paced openSAP course where this topic is really well explained: Key Technical Topics in a System Conversion to SAP S/4HANA. Enrolling is free of charge.

Read only

bashayreh
Explorer

‎2020 Mar 04 9:59 AM

0 Likes
1,012

Many thanks veselina.peykova

I will go through your mentioned refrences

best regards

Read only

former_member612251
Participant

‎2020 Mar 04 12:02 PM

0 Likes
1,012

If its sandbox or dev, I dont see any issue with this approach, but for going forward into DEV, QA and PRD you should follow what Veselina has said.