Supplier Address Security

msuters

msuters

Active Member
Hi all,

I am asking for suggestions for how to provide security for supplier
addresses for our business situation. The situation:

1. We have several address book types including C for Customers and S
for Suppliers.
2. We've applied row security on all tables, based on the AddressType1
(AT1). Through this we allow some users to create customers and view
suppliers, while other users can create suppliers. The Customer Creators
should not be able to alter information about a Supplier.
3. We have created two different versions of the address book (P01012),
which each pre-populate the AddressType with the desired value (C or S),
and the users cannot change this.
4. If only application security is applied to the Address Book (P01012),
the Customer creator can access the Supplier version of the address
book, and view the information there, including the mailing information.
The Customer Creator cannot add a new supplier, or change the
information on the "AddressBook" tab, as this is controlled by the row
security applied to the AddressType1. The problem is that the Customer
creator can edit the Mailing information for the Supplier, because this
resides in Table F0116, which does not have a column for AddressType1
(AT1). Therefore changes to this information bypasses our row level
security. Users could modify the addresses of suppliers, possibly
sending cheques to the wrong address.

We cannot apply action security, or anything else I can think of,
because the Customer Creators need this access for their legitimate task
of creating Customers, for which the address book is used.

Our current solution to this problem is to apply Roles and secure the
entries on the Menu. This has several disadvantages:
1. It's another whole system of security, just so we can achieve this
one aim.
2. For each new menu item, all roles seem to have access, until you
explicitly remove access from them. (The opposite of what you would want
for reducing the risk of security lapses.)
3. Management is cumbersome - to manage role security, you have to find
the item on the menu, and manipulate it there.

Is there a better way to achieve this aim of controlling the ability to
modify the addresses of suppliers? Or is there an easier way to manage
role-based security for items on the menu?

Thanks in advance,
Mark Suters
PS ERP8, Update 1, SP22_F1, W2K, SQL2K, Citrix Metaframe XP
------------------------------------------------------------------------
---------------

#####################################################################################
Note:
This message is for the named person's use only. It may contain confidential,
proprietary or legally privileged information. No confidentiality or privilege
is waived or lost by any mistransmission. If you receive this message in error,
please immediately delete it and all copies of it from your system, destroy any
hard copies of it and notify the sender. You must not, directly or indirectly,
use, disclose, distribute, print, or copy any part of this message if you are not
the intended recipient. Stockland and any of its subsidiaries each reserve
the right to monitor all e-mail communications through its networks.

Any views expressed in this message are those of the individual sender, except where
the message states otherwise and the sender is authorized to state them to be the
views of any such entity.

Thank You.
#####################################################################################
 
Back
Top