Question:
Hi
I need to restrict access of immediate superior and the superior’s superior Basic pay record. I am using structural authorisation. The superior’s superior may not be in the same organisaional unit he will be at higher level orgl unit. Ex. HR admn assistant not see the IT0008 record of the HR Manager and the CEO.
How to restrict this any ideas please.
Answer:
Personnel Sub area I beleive is used to determine pay grades that you can restrict access to using P_ORGIN
_________________
John A. Jarboe
Answer:
Hi John
Thank you for your response. The classification of enterprise structure differ client-to-client depends on business requirements. In the current project I cannot use personnel area or PSA to restrict access to superior. Any Ideas please….
Answer:
I presume you're using an O-S-P Eval Path in your Structural Auth profile via (OOSP)
You can set conditions as per below:
eg
Display depth - what level in a hierarchal structure a user may access
Sign +/- determine if you go up or down in the structure from a particular point
RH_GET_MANAGER_ASSIGNMENT - determines root object the organizational unit to which the user is assigned as manager via relationship A012
If everything is ok then all I would suggest is looking at setting up special roles and assigning the position nos for the respective personnel.
Good Luck
Steve
Answer:
Hi Steve
Thanks for your suggestion; the HR administrator not to access the master data of Director of the Org. unit and the director is 10-12 layers above and this will vary org unit to org unit. So maintenance will be more.
Answer:
Have you thought about returning the question and ask why this should be done?
If a manager is allowed to see payroll for only his own employees then fair enough. This should be easlily accomplished with structural authorisations.
If an HR employee is allowed to see payroll for employees, but not for certain top level managers, then why?
Answer:
Hi Blaster thank for your question, this is an Administration role not Payroll.
Answer:
But why is the HR admin then allowed to see payroll in PA20/PA30 at all?
Answer:
Hi Robin - Blaster - others,
My client asked me the same question today.
The problem is basically to restrict infotype access according to personnel numbers. The client doesn't have structural implemented.
Blaster, the HR Admins usually do have the authority to display the IT8. This is not payroll access or anything like that, and also all companies differ in the way they separate HR and payroll departments. This is a legitimate, logical question by the clients and we need to find the answer. For wxample, the client may not want the hr admin to be able to change his wife's pay data in IT8. Let's say that his wife's position is in no way in relation to his position in org management.
Anyhow, going back to the question - I just thought of a possible way to do this - just brainstorming here -
we may be able to use the BADIs for the personnel management access.
Has anyone implemented any BADI for this purpose or do you have any idea about this?
_________________
Every problem has a solution.