Symptom
RBP Permission for MDF Composite Child Object does not respect Target Population for Field Level Overrides.
Environment
SAP SuccessFactors HCM
Reproducing the Issue
- MDF object has composite child objects.
- RBP role is configured to restrict child object access to some fields, via Field Level Overrides
For example:
Permission Role "A" is set with "Read Only" access to Child Object fields "1" and "2" for Target group "A"
Permission Role "B" is set with "Read Only" access to Child Object fields "3" and "4" for Target group "B" - However, when the user is viewing the record, he is still able to edit all the fields in the child record, regardless of Field Level Overrides configuration.
Cause
Currently, there are no target criteria or target group support for composite child permissions.
Therefore, you cannot specify different Field Level Overrides patterns according to the content of the composite child object for different fields and different target groups.
Resolution
The possible workaround is to define Field Level Overrides for the same fields in all Permission Roles. In this scenario, permissions configuration will be respected.
Other possible solution is to define Field Level Overrides configuration in Parent Object, restricting the whole Child Object instead.
Keywords
mdf permission target, child object, permission, target population, field level overrides , KBA , LOD-SF-MDF-RBP , RBP Permissions on Objects , LOD-SF-EC-MDF , MDF & EC2MDF Migration , Problem