Problem Description

The use of evaluation paths with an unspecified target object type of a relationship is an additional cause of performance problems, even though the request on the authorization profile is limited to certain (target) object types, as the following example illustrates:

Example

Assume that the authorization profile should determine the permitted persons by organizational unit and position. You can use the SBESX evaluation path for this:

Evaluation Path SBESX:

O B002 O

O B002 S

S A008 *

If you use this evaluation path, the objects linked with positions are not determined by the definition of the evaluation path but according to the T77E table ( Permitted Relationships ).

As a result, all other objects that could be linked to a position (object types BP and US) are also imported to the set of objects. This is NOT necessary for the current requirement.

Solution

To avoid this, an evaluation path with a specified target object type should be used:

The Z_SBESP evaluation path could be used for this example:

O B002 O

O B002 S

S A008 P