Hi Experts,
Would like to know other than P_ABAP what auth object i can use to restrict HR Reporting view on EE group.
I encounter a problem when i creates 2 roles as below and assigned to a user:
Role_A : Has the access to EE group 2 - 7, Personnel Area 1001 with the access to Reporting A
Role_B: Has the access to EE group 1-7, Personnel Area 1001 witht he access to Reporting B.
Problem: When I assigned these 2 roles into a User profile. The user would be able to generate data for an employee from EE group 1 in Reporting A which he is not supposed to.
i did tried to add P_ABAP into Role A with COARS =1 and REPID = Reporting A but resulted the same.
Hope anyone of you could provide me some hint on how to have a extended check on these 2 role.
Thanks.