This supporting function is used to limit access to information on the accounting identity level. This prevents both incorrect entries being made and unauthorized access to this information.
The check starts automatically when a user tries to edit or display account entries or when they try to print a report.
The security checks can include all accounting dimensions.
Security Check of Function
'Settings - Access Authority Check' (GLS005) is automatically searched for the program where the user is working.
If that program is flagged as activated for a security check, then the check continues to the next step.
Security Check of Accounting Dimensions
A further search is made to determine the accounting dimensions for which authorization is required, based on the parameters in 'Settings - Access Authority Check' (GLS005).
Security Check of Accounting Identities
The accounting dimensions concerned having been identified, the accounting identities specified in these dimensions are then automatically checked against the accounting identity file in 'Accounting Identity. Open' (CRS630). Accounting identities can be codes for cost centers or an account for interest income, for example.
If the identity does not have an object access group connected to it, then it is released for processing.
If there is an object access group connected to the accounting identity, the security check continues with identifying the user's user group.
To see how user groups and object access groups are used to prevent unauthorized access, refer to this document: Defining Access to Information in M3.
The result of the check can be any of the following: