Symptom
- The Gender field in the People Profile is visible to the Manager role even when the View and Edit action is restricted in Role-Based Permissions (RBP).
- The issue is specific to the latest People Profile and does not occur in the Legacy profile.
- The issue affects all users, resulting in sensitive data being visible to managers.
"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."
Environment
SAP SuccessFactors Employee Central, People Profile - Full Profile
Reproducing the Issue
- Restrict the View and Edit action for the Gender field in RBP.
- Log in as a user with the Manager role.
- Navigate to the People Profile of an employee.
- Observe that the Gender field is still visible.
- Compare with the Legacy profile, where the permission is respected.
Cause
This is expected behaviour.
Field-level permissions are not considered if OData API admin permission is granted.
Resolution
- If you have the Employee Central HRIS OData API (read-only) administrator permission, then you can view all Employee Central entities on People Profile.
- If you have both the Employee Central HRIS OData API (editable) administrator permission and the user permission to view an entity, then you can edit the entity on People Profile.
If this is important to your business requirement, please consider opening an enhancement request for it.
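The following audit sketch is an added example, not SAP code or part of the original KBA. It applies the two rules above to a set of role definitions and reports where an OData API administrator permission overrides a field-level restriction. The role names, the `personalInfo` entity label, and the data layout are constructed assumptions, not an SAP export format.

```python
from dataclasses import dataclass, field

# Permission names as worded in this KBA; everything else below is constructed.
ODATA_RO = "Employee Central HRIS OData API (read-only)"
ODATA_RW = "Employee Central HRIS OData API (editable)"

@dataclass
class Role:
    name: str
    admin_perms: set = field(default_factory=set)
    entity_view: set = field(default_factory=set)   # entities the role may view
    field_view: set = field(default_factory=set)    # (entity, field) View grants
    field_edit: set = field(default_factory=set)    # (entity, field) Edit grants

def effective_access(role, entity, fld):
    """Return (can_view, can_edit) on People Profile per the rules in this KBA."""
    key = (entity, fld)
    can_view = key in role.field_view or ODATA_RO in role.admin_perms
    can_edit = key in role.field_edit or (
        ODATA_RW in role.admin_perms and entity in role.entity_view)
    return can_view, can_edit

def find_overrides(roles, sensitive_fields):
    """List roles whose field-level restriction is bypassed by an OData admin permission."""
    findings = []
    for role in roles:
        for entity, fld in sensitive_fields:
            key = (entity, fld)
            view, edit = effective_access(role, entity, fld)
            if view and key not in role.field_view:
                findings.append((role.name, fld, "view", ODATA_RO))
            if edit and key not in role.field_edit:
                findings.append((role.name, fld, "edit", ODATA_RW))
    return findings

# Constructed sample roles (hypothetical names, not an SAP export format).
ROLES = [
    Role("Manager", admin_perms={ODATA_RO}, entity_view={"personalInfo"}),
    Role("HR Admin", admin_perms={ODATA_RW}, entity_view={"personalInfo"},
         field_view={("personalInfo", "gender")}),
    Role("Peer", entity_view={"personalInfo"}),
]
SENSITIVE = [("personalInfo", "gender")]

if __name__ == "__main__":
    for finding in find_overrides(ROLES, SENSITIVE):
        print("%s: %s %s granted via '%s'" % finding)
```

Any role the audit reports needs the OData API administrator permission removed, not only the field-level permission adjusted, before the restriction takes effect on People Profile.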
Keywords
SAP SuccessFactors, Employee Central, People Profile, Gender Field, Manager Role, RBP, Visibility, Restriction, Legacy Profile, 2H2024, KBA, LOD-SF-EP-FPP, People Profile - Full Profile, LOD-SF-EC-RBP, Roles & Permissions (EC Core only), Product Enhancement