SAP Knowledge Base Article - Public

2767161 - Access to non-secured foundation objects

Symptom

User doesn't have access to Manage Data but is still able to edit the object as seen from the timestamp of the object in Manage Data.

Environment

  • SAP SuccessFactors Employee Central
  • SAP SuccessFactors HXM Suite
  • Metadata Framework (MDF)

Cause

Missing permission on Access to non-secured objects (previously known as 'Read/Write Permission on Metadata Framework')

After 1902 release this permission is no longer required to access Objects which are marked as 'Secured='Yes' on Configure Object Definitions however it is required for non-secured MDF objects as per the scenarios below.

  • If this permission is not granted, on manage data user will be able to see only objects which are marked as Secured='Yes' and user has access.
  • If this permission is granted, user will get access to all objects which are marked as 'Secured='No' and the secured objects on which user has access. 

For foundation objects, you have separate permission "MDF Foundation Objects" where you can control which Foundation Objects you have veiw/create/insert/correct or delete access.

Resolution


To know if the user is having access to non-secured objects:

  1. Go to "User Role Search" admin tool
  2. Enter and select user in "Access Users".
  3. Select Permission Category = "Metadata Framework"
  4. Now click "Search Roles" Button
  5. You'll get list of permission roles which are giving access to all the non-secured objects to the effected user.

Now as per your requirement:

  1. Go to Manage Permission Roles;
  2. Select the Role you desire;
  3. Click in Permission...;
  4. Navigate to the session Metadata Framework;
  5. Check or uncheck the option "Access to non-secured objects (previously known as 'Read/Write Permission on Metadata Framework')".

Keywords

Restrict access to unsecured objects under manage data, MDF-27490, able to edit an object without access to manage data, manage data, without permission, secured object, non secured object, object definition, permission , KBA , LOD-SF-EC-FOO , Foundation Objects (Organisation, Pay and Job Structures) , LOD-SF-EC-RBP , Roles & Permissions (EC Core only) , Problem

Product

SAP SuccessFactors Employee Central all versions ; SAP SuccessFactors HCM Suite all versions