Dear security gurus.
I have 2 business roles in company and 2 subsidiaries under HQ.
Each company have
- Accout clerk
- Account manager
HQ's clerk&manager: be able to check all company's data.
Subsidiary's clerk&manager: be able to check ONLY their own company's data
In this case, I have to create these 6 roles, because
company code restriction can be controled only by role, not user.
Am I correct?
1.HQ's manager(Company code: *)
2.HQ's clerk(Company code: *)
3.Subsidiary1's clerk(Company code: 1)
4.Subsidiary1's manager(Company code: 1)
5.Subsidiary2's clerk(Company code: 2)
6.Subsidiary2's manager(Company code: 2)
Yoshi