SAP Knowledge Base Article - Public

2538520 - RBP Security on for accessing MDF objects on Manage Data

Symptom

  • All the objects are visible for admin in Manage Data?
  • Can we restrict access to non-secured objects in Manage Data?

Environment

  • SuccessFactors Cloud HCM: MDF
  • SuccessFactors Cloud HCM: Manage Data

Resolution

  • As of b1905, anyone with access to the permission "Access to non-secured objects" will have access to Manage Data permission in Admin Center and be able to access all the non-secured MDF objects in addition to the secured objects that have been permissioned for the user.

  • As an additional note, customers are recommended not to enable Security on the system related objects. For application specific objects that are requeried for its functioning customers are required to take additional care during security enabling.
    Below is the list of objects, customers should not perform any security changes as it may cause application error on using MDF:
    GOObjectDefinition
    GOFieldDefinition
    GOAssociationDefinition
    Condition
    ConditionValue
    SearchableField
    PickList
    PickListValue
    GOFieldCriteria
    GOLocalizedData
    GORBPConfig
    RuleReference
    GORuleConfig
    BusinessKeyField
    RBPRoleObjectPermissionMap
    RBPObjectPermission
    RBPFieldOverride
    MDFTargetCriteriaMap
    MDFTargetCriteria
    MDFTargetCriteriaDetail
    MDFTargetCriteriaInValue
    MDFTargetCriteriaTypedHierarchyDetails
    MDFSyncRecord
    ConfigUIMeta
    FieldInfo
    SimpleFieldAndValue
    CollectionInfo
    ReferenceInfo
    JSONMeta
    ObjectDefinitionStatus
    ObjectConfig
    ECLocalElementFieldConfig
    ECElementFieldConfig
    FoTranslation
    GOLocalizedData

Although it will be possible to add security to some of the above objects, it is highly recommended that you do not, as this will causes issues in the instance. 
Some of the above also will not allow you to add security, either the section is not available, you can selected it but it will not save or there is no Take Action option. This is by system design and these actions have been blocked by code as it is not supported.

Keywords

MDF: Metadata Framework, Manage Data, mdf, read/write, read, write, Access to non-secured objects, secured, object, non-secured, non secured , KBA , LOD-SF-MDF-RBP , RBP Permissions on Objects , LOD-SF-EC , Employee Central , LOD-SF-EC-MDF , MDF & EC2MDF Migration , LOD-SF-MDF-MGD , Manage Data - Create, Update & Delete , Problem

Product

SAP SuccessFactors Employee Central all versions ; SAP SuccessFactors HCM Core 1708