2007 Aug 19 4:38 AM
i was reying to restrict dipaly access in my display role, in some cases actvt auth obj is pulling only create , generate.. inthis case i was inactivating that , if i keep it as empty with out selecting any restriction.. execute , change , genereating etc,.. with out tick marking unchecked all and saved. in that case what happens ? am not giving dummy " " does the user still get access ? please suggest
thanks
SR
2007 Aug 19 1:38 PM
do not empty the activity value, only give 03 (display to all objects)
2007 Aug 19 3:12 PM
Hi Raj,
To answer your question, if you deactivate the object how will it effect the authorizations.
It really depends on the transaction, if the transaction (source code) checks for the object and it is deactivated then it will fail. If the object is checked with certain fields specified but others not, then an unspecified field can have any entry in the Role/profile.
Take a look at SU24 against a transaction and do some tests, you can also look at the transaction source code and directly see the object being checked and its fields; look for AUTHORITY-CHECK.
I hope this helps.
Regards
Ashley