Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Issue in HR roles -- reg infotype 0000

Former Member
0 Kudos
261

Hi,

In HR roles we are facing problem with infotype 0000.

For PA30 tcode, in authorization object P_ORGIN, we have given R for infotypes 0006 and 0021.

Even though we have given R for infotype 0000, but it is allowing users to create and change.

Where as our requirment is to have display only for infotypes 0006 and 0021.

<removed_by_moderator>

Regards,

Siv

Edited by: Julius Bussche on Jun 8, 2009 8:03 PM

1 ACCEPTED SOLUTION

Former Member
0 Kudos
171

Hi Siv,

Run report RHUSERRELATIONSHIP for that user and check what all P_ORGIN access the user has and through which roles. This report is pretty helpful.

Cheers !!

Zaheer

17 REPLIES 17

Former Member
0 Kudos
172

Hi Siv,

Run report RHUSERRELATIONSHIP for that user and check what all P_ORGIN access the user has and through which roles. This report is pretty helpful.

Cheers !!

Zaheer

Former Member
0 Kudos
171

Dear Zaheer,

Thanks for your quick reply.

Only one role is assigned to this user id.

That role has only HR tcodes like S_PH9, PT, PA, S_AHR....i can provide the HR tcode list...but its pretty big one.

but in P_ORGIN....we have maintianed only 9 infotypes...with R and M authorization types...

infotypes 0006, 0021 and 0000 have only R assigned to them.

Regards,

Siv

0 Kudos
171

What did the report showed ?

Former Member
0 Kudos
171

Dear Zaheer,

It showed the role that was assigned to him.

Regards,

Siv

0 Kudos
171

So when you ran the report, with "Display HR Authorizations" radio button selected and "P_ORGIN" checked it showed you only the authorization objects pointing to the role only.

There may be some profiles, structural authorization which might be giving Write access to infotype 0000.

Alternatively, can you run a ST01 auth check trace and recreate the issue, and check the trace result for W,E,D,S or * for infotype 0000.

Cheeers !!

Zaheer

Former Member
0 Kudos
171

Dear Zaheer,

Below is the result of that report,

P_ORGIN T-DC61007500 AUTHC R

P_ORGIN T-DC61007500 INFTY 0000

P_ORGIN T-DC61007500 PERSA *

P_ORGIN T-DC61007500 PERSG *

P_ORGIN T-DC61007500 PERSK *

P_ORGIN T-DC61007500 SUBTY *

P_ORGIN T-DC61007500 VDSK1 *

Thanks for ur help.

Regards,

Siv

0 Kudos
171

Interesting....what about the trace results ?

Former Member
0 Kudos
171

Dear Zaheer,

P_ORGIN RC=4 INFTY=0001;SUBTY=' ';AUTHC=R;PERSA=;PERSG=;PERSK=;VDSK1=;

P_ORGIN RC=0 INFTY=0001;SUBTY=' ';AUTHC=R;PERSA= ;PERSG= ;PERSK= ;VDSK1= ;

P_ORGIN RC=0 INFTY=0001;SUBTY=' ';AUTHC=R;PERSA=2401;PERSG=R;PERSK=R1;VDSK1=2401;

This trace is when i clicked on Create button on PA30 screen....

Nothing abut 0000....

Regards

Siv

0 Kudos
171

Just got hold of an HR system, when i clicked "Create" in PA30 after selecting "Actions"...

I got this...

P_ORGIN RC=0 INFTY=0000;SUBTY= ;AUTHC=W;PERSA= ;PERSG= ;PERSK= ;VDSK1= ;

It surprises me that you didn't found any entry for Infotype 0000 in authorization trace.

Former Member
0 Kudos
171

Dear Zaheer,

I had removed the 0000 entry from the role, now when I select any user id and click on display, it is Not allowing. Below is the trace,

P_ORGIN RC=0 INFTY=0001;SUBTY=' ';AUTHC=R;PERSA=2401;PERSG=R;PERSK=R1;VDSK1=2401;

P_ORGIN RC=0 INFTY=0006;SUBTY=' ';AUTHC=R;PERSA=2401;PERSG=R;PERSK=R1;VDSK1=2401;

P_ORGIN RC=0 INFTY=0021;SUBTY=' ';AUTHC=R;PERSA=2401;PERSG=R;PERSK=R1;VDSK1=2401;

and here also no 0000....

Edited by: K. Siva Srinivas Reddy on Jun 4, 2009 9:29 AM

0 Kudos
171

Check the values in P_PERNR then..interestingly none of your trace results show up infotype 0000 (Actions), are you sure you are selecting actions and then clicking create...just verifying.

Former Member
0 Kudos
171

Dear Zaheer,

I am going into PA30.....clicking F4 for "Personnel no." and selecting any user randomly....then entering value 0000 in Infotype field under "Direct Selection".....now clicking on Create button.

The values for P_PERNR are

Authorization level R

Infotype 0002

Interpretation of assigned per I

Subtype ' '

0 Kudos
171

Hi Siva,

When hit create for actions 0000.Did you try saving the entry ?? I think it will allow you to create an entry but won't allow you to save the record. you will get no authorization to maintain message.

Try and let us know

thanks

santosh

0 Kudos
171

Santosh, i doubt that, system checks for write authorization as soon as you click the create button. Still you check that Siv.

Cheers !!

Zaheer

0 Kudos
171

Zaheer, Even I had the same feeling however I tried with test role in the sandbox and yes it allowed me to create any entry but dint allow to save it.

thanks

Santosh

0 Kudos
171

@Siv : Let us know what you find out....

@Santosh : Lets wait for Siv to come up with some more input for us

Cheers !!

Zaheer

Former Member
0 Kudos
171

Hi,

@ Zaheer - thanks bro for all your inputs and time.

@ santosh - thank u, but client requirment is that the end user should immediately get "not authorised" message when someone tries to click on create. it should not allow to the next screen.

The problem is solved now...instead of giving R...I had given D and tried and it works perfectly....they can display all but can't change or create.

If anyone click on change or create, immediately they will get "not authorised" message.

Regards,

Siv