2465615 - How To limit the ability of the user to edit and add the Currency and Bank Country through the Payment Information for ESS

Want to Remove Country, Payment Method and Currency Icons coming in User Bank details or Payment Information

Can you limit the ability of the user to edit and add the Currency and Bank Country through the Payment Information for ESS?
ESS have view access only to Payment Information and no access to Manage Data. But if the HR or the Admin added an entry to the Payment Information of the employee, the employee can now add/edit currency and country.

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

• Employee Cnetral - Payment Information
• SAP SuccessFactors HCM Cloud

Navigate to Test user Personal Information then Payment Information or Bank detail
Click on the Bank Country small box icon > Edit

Click on the Country small box icon

Click on Currency small box icon

Click on Payment Method + icon

This is caused due to the objects not being controlled by Permissions or the User having View and Edit permissions to the object. 
You can check this by following the below steps.

Review RBP

1. Go to Admin tool Permission Role Detail
2. Select any Role 
3. Scroll down to Miscellaneous Permissions

Result: No role base permissions for below object

1. Currency
2. Country

Review Object Definition

1. Go to Admin Tool 
2. Object Definition: Currency and Country 
3. Result: Permission Category = Miscellaneous Permissions

e

Example:

• customers are looking for a way to limit the ability of the user to edit and add the Currency and Bank Country through the Payment Information for ESS.
• ESS have view access only to Payment Information and no access to Manage Data.
• But if the HR or the Admin added an entry to the Payment Information of the employee, the employee can now add/edit currency and country.

Note: There is no way to completly remove the icon for MDF objects but we can limit the data displayed on clicking on the icon

In order to restrict the user to see only Currency Name for example in people profile page, you must carry out the below two steps.

1. Ensure the required objects are secured by Permissions: 

In order to restict what is visble we must ensure the objects are controlled by permissions.

This is done by securing the object: Enable the object (Currency) as secured (Permission Category = Miscellaneous Permissions) from configure object definition page

Object Definition

1. Go to Admin Center 
2. Configure Object Definition: select the object for example Currency, Country or Payment Method
3. Select Take Action: Make correction
4. Scroll down
5. Under the Security Sections, set Secured = Yes
6. Set the Permission Category = Miscellaneous Permissions
7. Repeat for the other objects.

Result: Permission Category = Miscellaneous Permissions

2. Set Field Level Overrides for the object to restrict what can be seen. 

We can now restrict the fields that are seen on the object so a user can only see the currency name for example.

This is done by adjusting the Permission Roles for a user.

1. Go to Admin tool Permission Role Detail
2. Select the required Permission Role 
3. Scroll down to Miscellaneous Permissions
4. Enable "View Current" for Object Currency or Country
5. Select 'Field Level Overrides'
6. Select field fields you wish to see for example, 'Currency' and provide the permission as 'Read Only' and select all other fields and permission as 'No Access' so that the user will be able to see only Currency name in PP3 page as in the screenshot.
7. Note:
• It is not supported to set "No Access" as a field level override to all fields on an object. At least one field must be "Read Only"
• Please note if other roles provide more access to the object for the user they must also be adjusted as access is controlled by the combination of all the users permission roles. 
8. Repeast for other objects. 

Result:

Navigate to Test user Personal Information then Payment Information, you will now only see limited information for the Currecy for example based on the Permission Roles.

CS20230006166204, , ECT-63201, INC6059916, Payment Information, Payment Method, Currency, Bank Country, Country, icon , KBA , LOD-SF-EC-PAY , Payment Information (Bank Information) , LOD-SF-EC , Employee Central , LOD-SF-EC-MDF , MDF & EC2MDF Migration , Problem