SAP CRM Negative Authorization test on CRM_ORD_LP

• 2020 年 3 月 9 日
• 筆記

Test setup

PFCG role in QGS/300: role ZCRM_ORD_LP_01_SRVO

User ORDLP01_srvo assigned to this role:

since in DCL modelling I use 03 for ACTVT field value, so the expected behavior is that this user can NEVER read any data from CDS view. Test report : CRMS4_SEARCH_ORDER_DESCRIPTION The user WANGJER with full authorization could get 100 search results returned. And for this user: 0 search result

Another negative test

User: ORDLP03_SRVO

When I search via the following parameters, it works as expected, because in QGS/300 there are lots of orders with description containing 「Jerry」 and transaction type =「SRVO」:

Another test: search by description containing 「i042416」 And there are two candidate entries with different transaction type in DB table:

it is expected only 1 record found:

Works as expected:

要獲取更多Jerry的原創文章，請關注公眾號"汪子熙"