Checking logged users' permissions by comparing their name to a hardcoded string can create security vulnerabilities. It prevents system administrators from changing users' permissions when needed (example: when their account has been compromised). Thus system fields ``SY-UNAME`` and ``SYST-UNAME`` should not be compared to hardcoded strings. Use instead ``AUTHORITY-CHECK`` to check users' permissions.
This rule raises an issue when either of the system fields ``SY-UNAME`` or ``SYST-UNAME`` are compared to a hardcoded value in a ``CASE`` statement or using one of the following operators: ``=``, ``EQ``, ``<>``, ``NE``.
