SAP Knowledge Base Article - Public

3411950 - Restrictions set on Plant is not working

Symptom

Maintain the plant restrictions only to Plant (E.g. access only to 1010) but are able to Edit Purchase Requisitions and Purchase Orders that are not from that Plant (1010).

Environment

SAP S/4HANA Cloud

Reproducing the Issue

1. Go to Create Purchase Requisitions - Advanced application.
2. Select "Other Purchase Requisitions".
3. Enter PR number.
4. Select Display/Change and click Item Overview. You will see that the PR is for Plant (E.g. 1020).
5. Change the quantity to any amount, then click Save.
6. Purchase Requisition was successfully changed.

Cause

Missing Business Role/Catalog Restrictions

Resolution

If multiple catalogs sharing common authorization object to different roles with different restrictions, all these roles are assigned to same user, user will have a Union of all these authorizations.

Hence, if Role A allows the authorization and Role B restricts and a user is assigned both Role A and B, then authorization status is allowed. 

Keywords

restrictions on plant, maintain business users, S4_1C, S4HC, MM-PUR-REQ-GUI, CB User access to plant, S4_PC, roles, business catalog , KBA , MM-PUR-REQ-GUI , Userinterface - Purchase Requisitions , Problem

Product

SAP S/4HANA Cloud Public Edition all versions ; SAP S/4HANA Cloud all versions