Derived Roles

As the name indications are derived from already existing roles.
There are two scenarios when we derive roles.

  • The role menus are identical but the authorizations for the menu actions are different in the derived role.
  • The menu and authorizations of the derived role are identical, but the organizational levels are different in the derived role.
The derived roles inherit the menu structure and functions (including transactions etc...) of the referred role.

The default authorization values of the derived role are that of the inherited role. The organizational values are to be maintained in the derived role.

The organization level data is only copied the first time the authorization data is adjusted for the derived role. If organization level data is maintained in the derived role, it is not overwritten by subsequent adjustments.

Roles derived from another cannot have any additional menu entries. The menu is maintained in the referred role which take effect immediately in all derived roles.


To change the menu of the derived role without changing the menu of referred role you have to break the inheritance relationship. Once the relationship breaks, the derived role is dealt as a normal role and the inheritance relation ship cannot be re established

No comments:

topics