SAP CRM Negative Authorization test on CRM_ORD_LP
Test setup
PFCG role in QGS/300: role ZCRM_ORD_LP_01_SRVO
User ORDLP01_srvo assigned to this role:
since in DCL modelling I use 03 for ACTVT field value, so the expected behavior is that this user can NEVER read any data from CDS view.
Test report : CRMS4_SEARCH_ORDER_DESCRIPTION
The user WANGJER with full authorization could get 100 search results returned.
And for this user: 0 search result
Another negative test
User: ORDLP03_SRVO
When I search via the following parameters, it works as expected, because in QGS/300 there are lots of orders with description containing “Jerry” and transaction type =“SRVO”:
Another test: search by description containing “i042416”
And there are two candidate entries with different transaction type in DB table:
it is expected only 1 record found:
Works as expected:
要获取更多Jerry的原创文章,请关注公众号"汪子熙":