SAP Knowledge Base Article - Public

3607457 - All permission roles have consistent authorisations for working with business rules. (PermissionRolesHaveConsistentAuthorizationsForRules)

Symptom

In the Check Tool,

"All permission roles have consistent authorisations for working with business rules. (PermissionRolesHaveConsistentAuthorizationsForRules)"

finds the following result: 

1 issue found: “We couldn’t check the permission roles"

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Environment

SAP SuccessFactors HCM

Reproducing the Issue

  1. Navigate to the Check Tool.
  2. Application: Business Rules
  3. Select “All permission roles have consistent authorisations for working with business rules. (PermissionRolesHaveConsistentAuthorizationsForRules)" 
  4. Run the check
  5. Observe that the result shows:
    1 issue found, "We couldn't check the permission roles."

Cause

The security settings for the MDF object 'Rule' are not properly configured.

Note: 

This check is introduced to find misconfigurations when customers decide to adopt the new authorization concept for working with business rules. 

Previously, the 'Metadata Framework → Configure Business Rules' permission was too broad, making it impossible to distinguish between viewing and editing, or to restrict access to specific areas like time management. 

With the new authorization concept, using introduction of Role-Based Permissions (RBP), users will gain more precise control, ensuring they can only manage rules within their designated areas. This upgrade improves both security and operational efficiency. 

Resolution

If you wish to adopt the new authorization concept for working with Business Rules, you need to set the security settings of the MDF object “Rule” correctly: 

  1. Navigate to “Configure Object Definitions” 
  2. Select Object Definition and “Rule” 
  3. Select Take Action à Make Correction 
  4. Navigate to the Security Section 
  5. Make the following settings: 
  1. Secured = Yes

  2. Permission Category = Business Rules Object Permissions 

  3. CREATE Respects Target Criteria = Yes 

      6. Save your settings.  

If you run the Check, “All permission roles have consistent authorisations for working with business rules. (PermissionRolesHaveConsistentAuthorizationsForRules)" again, it will assist in correctly configuring the permission roles. 

Note: Securing the MDF object “Rule” will impact the authorization for accessing and maintaining business rules in application UIs as well as in the Configure Business Rules UI. It will NOT affect the execution of Business Rules.

For more details, kindly refer to the following help guide: 

Please review this thoroughly before securing the rule object.  

 

See Also

Keywords

RUL-10765, PermissionRolesHaveConsistentAuthorizationsForRulesRules, Secured, RBP, Authorization Concept for Business Rules, Business Rules, MDF Object, MDF Rule   , KBA , LOD-SF-PLT-CHK , SuccessFactors Platform Check Tool , LOD-SF-MDF-RUL , Custom Oject based Business Rules , Problem

Product

SAP SuccessFactors Platform all versions