Technical Blog Post
Abstract
Storeroom tab in Security Groups app is not limiting access to storerooms
Body
Storeroom information is used in transactions that affect inventory items and balances.
As a security measure, you can authorize a security group to make transactions with specific storerooms.
Storeroom authorization has never been meant to enforce whether or not a user can 'see' storeroom or inventory records.
Storeroom authorization really means financial storeroom authorization. ie: whether or not a user can affect the financial valuation of a storeroom.
A user who does not have storeroom rights should not be able to perform the following actions for any items in the storeroom: issue, return, transfer, balanace/cost adjustments, receipts, invoice variances.
You may also review the below documentation about Security Groups combination and Storeroom authorization rules:
Combination of security groups - rules for storeroom authorization
http://www-01.ibm.com/support/knowledgecenter/api/content/SSLKT6_7.5.0.5/com.ibm.mbs.doc/securgroup/c_rules_storeroom_authorization.html
Authorizing access to storerooms for security groups
http://www-01.ibm.com/support/knowledgecenter/api/content/SSLKT6_7.5.0.5/com.ibm.mbs.doc/securgroup/t_auth_access_storerooms_sec_groups.html
UID
ibm11112271