User aaaa has a timesheet, and his timesheet is visible to another user, user bbbb. Why?
These two users are not in the same Project Team.
User bbbb has 'Resource - Enter Time' instance access right to user aaaa, and this right is granted via a group.
User bbbb has the following access rights:
1. Resource - Enter Time. Assigned via ADMINISTRATION, RESOURCES > Page: Instance Access Rights (userInstanceRights)
2. Resource - Enter Time. Assigned via ADMINISTRATION, GROUPS : Base User > Page: Instance Access Rights (groupInstanceRights)
[Definition of Resource - Enter Time access right is: Allows user to complete and submit timesheets for a resource.]
To confirm from the PPM UI:
1. Navigate to Administration - Organization and Access - Groups
2. Select group name 'Base User'
3. Click on the Group's Access Rights - Instance
4. Click on the 'Resource - Enter Time' link
5. The next page displays a list of resources, and it contains user bbbb.
To confirm using a query:
FROM cmn_sec_assgnd_obj_perm aop,
WHERE l.ID = aop.RIGHT_ID
AND aop.PRINCIPAL_ID = ug.GROUP_ID
AND cmn_sec_users.ID = ug.USER_ID
AND SRM_RESOURCES.ID = aop.OBJECT_INSTANCE_ID
AND (aop.PRINCIPAL_TYPE = 'GROUP'
AND L.GROUP_CODE = 'ResourceEnterTime'
AND cmn_sec_users.USER_NAME = '<username>') <== change <username> to the value of field User Name