SAP Knowledge Base Article - Public

3200253 - Project data can be displayed/changed for user who has restricted authorization

Symptom

In "Project Control - Enterprise Projects" app the Project Manager can view/edit projects of other profit centers which are not assigned to the role.

Environment

SAP S/4HANA Cloud Public Edition

Reproducing the Issue

  1. Create a custom role by copying the role SAP_BR_PROJ_FIN_CONTROLLER.
  2. Add restrictions to profit center to this role.
  3. Assign the custom business role to user A.
  4. Login with another user.
  5. Open Project Control app.
  6. Create a new project.
  7. Assign the project manager/steer co/Financial Controller as user A.
  8. Update the profit center to which user A does not have access.

User A will be able to view/edit the projects based on the authorizations set in the role and also the projects where they have been assigned as a project manager.

Cause

In Project Control, the project manager, steering committee member and project controller role will be able to view/edit all the projects for which they are assigned as the roles irrespective of the role assigned.

Resolution

  • This is a standard behavior.
  • This is the design of the system.

Keywords

Project Control, Profit Center, role restriction, restriction, SAP_BR_PROJ_FIN_CONTROLLER, Project Manager, Company Code, Plant, Access Restriction, Restrict User  , KBA , PPM-SCL-STR , Project Structure (Public Cloud) , XX-SER-MCC , Mission Control Center - Knowledge Management , How To

Product

SAP S/4HANA Cloud Public Edition all versions