Hi all,
I have implemented authorization object P_DURATION but the behavior is very strange, I am not sure this does what SAP intended or I am doing something wrong. Can you please help? This is what I have done so far
- Performed the customizing, to begin with only for IT 0000 and 0006 subtype 1.
- Activated the BADI, here I have just used the sample code, so extra business logic required the sample code does the job i.e it satisfies initial business requirement.
- Created a role which gives access to PA20 and all infotypes ie P_ORGINCON full authorization . I have also include the new object P_DURATION, this has the corresponding customized values ie access 1 month only..
With the role created, customization, and the BADI active here is the system behavior.
- Test user with the role does not see all delimited beyond the define 1 month. This is correct as I would expect.
- Now change the role and insert * (give full authorization in object P_DURATION), the test user still does not see all delimited infotypes beyond a month. Is this correct even though the user has full access?
- A test user with roles that do not have the object P_DURATION are also restricted to a month , is this correct? I don’t this it should work like this
Has anyone implemented this P_DURATION? If so can you please share your experiences.
Merci
Dimtri