Introduction:
If the user has the below roles and data access set for a specific BU, it is showing all BUs in the payable module. It should be shown only one BU.
If we assign these roles to users, it will show all BU access in the AP module. We need to change the condition at Data Security Policy (DSP) for the duty role in the below custom roles.
Old Condition:
Access the payables payment and receivables standard receipt for table FUN_ALL_BUSINESS_UNITS_V for the business units that interact with the bank accounts for which they are authorized.
New Condition:
Access the business units for which the user is explicitly authorized
Roles:
Cash Management
Expense Audit Manager
Expense Audit
Application Implementation Consultant
Supplier Customer Service Representative
Procurement Application Administrator
Corporate Card Administrator
Impacted Duty Role:
- Bank Statement and Reconciliation Custom
- Cash Positioning and Forecasting Management Custom
- Payables Invoice Import Submission Duty role
Old Condition:
Access the payables payment and receivables standard receipt for table FUN_ALL_BUSINESS_UNITS_V for the business units that interact with the bank accounts for which they are authorized.
Bank Statement and Reconciliation Custom
Cash Positioning and Forecasting Management Custom
Payables Invoice Import Submission Custom
New Condition:
Access the business units for which the user is explicitly authorized
Bank Statement and Reconciliation Custom
Cash Positioning and Forecasting Management Custom
Payables Invoice Import Submission Custom
Once changed the condition in the duty role user can able to view only specific BU access in the AP (Invoice and Payment)
Conclusion:
We have restricted the old policy and changed a new policy at data security policy level. Once we changed this policies user can see only one BU at UI level.