SAP Knowledge Base Article - Public

2303419 - RBP Permission for MDF Composite Child Object does not restrict to Target Population


 RBP Permission for MDF Composite Child Object does not restrict to Target Population.


  • SAP SuccessFactors HXM Suite
  • Metadata Framework (MDF)

Reproducing the Issue

  1. MDF object has composite child objects.
  2. RBP role is configured to restrict child object permissions to specific target population only.
    For example:
    Employee role should only have Read Only access to Child record.
    Manager role is granted View/Correct/Create permissions to the Child record, where Access group = Managers and Target group is the Direct Reports.
  3. However, when the same Manager/User when is viewing his own record, he is still able to View/Correct/Create the child record.


Currently, there are no target criteria or target group support for composite child permissions. Therefore, you cannot specify different field override patterns according to the content of the composite child object.


Therefore, the above manager role is given View/Correct/Create access for child records including his own. The possible workaround is to define Field Level Overrides from the Parent record instead.

In this example:

The Employee role can be edited to:

  1. Go to Manage Permission Role 
  2. Open the user Permissions Role
  3. Find and select Miscellaneous
  4. Find the Parent object 
  5. Enable Field Level Overrides and select the Child record and set to Read Only.

The manager role remains able to edit the direct report's record.


mdf permission target, child object, permission, target population, field level overrides , KBA , LOD-SF-MDF-RBP , RBP Permissions on Objects , LOD-SF-EC-MDF , MDF & EC2MDF Migration , Problem


SAP SuccessFactors HCM all versions