Symptom
User XYZ is able to access the Price Lists which belongs to different Sales Organization because User XYZ doesn't belongs to that Sales Organization which was added to the Price List
Environment
SAP Cloud for Customer
Reproducing the Issue
- Log in as User XYZ
- Go to Products work center
- Go to Price List view
Cause
The cause for the issue is that there are two work center views available forPrice List and Discount list which share the same business object and hence the same access context.
If the access restriction is placed only on Price List Work center view for business role ABC, but there is no access restriction on Read access in Discount Lists. Then this issue could happen.
This is the reason the access restriction is not applied even for Price List.
Resolution
The same access restrictions need to be applied to both Price and Discount List WoC, for access restrcitions to be effective.
Keywords
Price List, authorization, Discount list, sales organization , KBA , price list , authorization , sales organization , LOD-CRM-PRC , C4C Pricing , SRD-CC-IAM , Identity & Access Management , Problem