SAP Knowledge Base Article - Public

3212110 - Permission restrictions does not apply to MDF Workflow initiator when initiator views data in workflow page

Symptom

Field level override (i.e set No_Access of a field in RBP) is set for initiator, when initiator create data to submit the workflow, field override works fine.
After workflow is triggered, the initiator found NO_ACCESS field is visible on workflow page.

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.“

Environment

  • SAP SuccessFactors HXM Suite
  • SAP SuccessFactors Metadata Framework

Reproducing the Issue

1. Configure a Workflow, and the workflow Step configuration is set Respect Permission = No
2. Field level override (i.e set No_Access of a field in RBP) is set for initiator, such as field2 = NO_ACCESS
3. Initiator submitted workflow, observe that field2 is not visible
4. Workflow is triggered, verify field2 is not visible on manage data


5. However, from View My Pending Request, find the workflow request, observe that field2 is visible on workflow page:


 

Cause

This is system behavior. Depends on the Respect Permission= YES or NO in workflow configuration:

Field's visibility on Manage Data / People Profile will respect RBP settings.

Field's visibility on Workflow Details page will respect workflow configuration-- Respect Permission (YES/NO) settings.

For workflow initiator, it follows below scenarios:

  1. If respect permission was set to NO for all steps and cc role users and contributors, initiator will not respect permission as well.
  2. If initiator was also part of current step approvers or contributors or cc role users, initiator will follow the same respect permission setting as them.
  3. If workflow was already completed (completed, rejected, cancelled) and initiator was part of present approvers or processor, initiator will follow the same respect permission setting as present step.
  4.  Initiator is not overlapped with current/previous step approvers and contributors and cc roles and any step/contributor/cc role respects permission, initiator always respect permission.

Resolution

Please update only one step to Respect Permission = Yes in the workflow configuration, then the RBP restriction will also be applied to view pending workflow page.

See Also

2080181 - Respect Permission Functionality in Workflow Configurations - EC

Keywords

manage workflow requests, request, permission, MDF, respect, respect permission, workflow, View Completed Workflows, ECT-197685
 
, KBA , LOD-SF-MDF-WFL , Custom Object based Workflows , How To

Product

SAP SuccessFactors HCM suite all versions