Configuring access to security-sensitive data

Application management : Authorization : Security : Access to security-sensitive data : Configuring access to security-sensitive data

In Planon, data access can be maintained by creating two separate launch panels for user groups/function profiles. In addition to functional business objects, system business objects have also been made authorizable, which means that you can make them available/unavailable at will.

Authorization for system business objects is configured at the Authorization > Business objects level.

In contrast to Field definer , here, all business objects are displayed and not only those that are configurable. The system business objects that can be made authorizable display fewer details than those that are configurable and only the Is authorized field can be changed.

When authorizing system business objects, be careful not to exclude yourself from accessing this funtionality. The system business objects are recognizable by their gray-colored icon.

Authorizing system business objects

Preparation:

• Create two separate user groups & function profiles, one for the application manager and one for the system administrator.

• The application manager has Default permissions as Invisible and the system administrator has Full functionality.

1. Go to Authorization > Business objects level and select a system business object that you want to make authorizable.

2. Set it Under construction and set Is authorized to Yes.

3. Set the business object back to Completed and log out/log in.

• The system administrator can still access and change data for the business object.

• The application manager cannot view or change data for the business object.