A Business User is able to perform a Change Of Stock although it would not be possible due to their access rights settings.
SAP Business Bydesign
Reproducing the Issue
To check the Access Rights for a Business User:
- Go to Application and User Management Workcenter.
- Go to User and Access Management view.
- Go to Business Users subview.
- Select All Business Users then search for the relevant Business User.
- Click Edit then Access Rights.
- You check the access rights for Work Center Names PLM_QUALITYCONTROL and SCM_INTERNALLOGISTICS with Work Center View name SCM_INTLOGSCHANGEOFSTOCK and it is possible to see that the user is not authorized to perform a Change Of Stock by these settings, as the Assigned to User checkbox is not checked.
However, the relevant Business User is able to perform a Change of Stock by following the steps bellow:
- Login in your tenant with the relevant Business User
- Go to Internal Logistics workcenter
- Go to Change of Stock common task
- Perform any stock change then in Step 3 Review, click Finish
- You will see that it saved the change of stock performed, although it should not be permitted due to the User's Access Rights settings.
The Business User is being permitted to proceed with the Change of stock due to assignment of Workcenter View SCM_INTLOGS_GAC_OWL_WOCV.
When the WoCV SCM_INTLOGS_GAC_OWL_WOCV is unassigned, the Change of Stock stops appearing under the common tasks and the Business User is not allowed anymore to perform a Stock Change.
If you don't want the user to perform a change of stock, unassign the relevant Business User access to Workcenter View SCM_INTLOGS_GAC_OWL_WOCV
Access rights, Change Of Stock, Unauthorized Access, Business Users access rights , KBA , AP-IP-INV , Inventory , How To