Checking logged users' permissions by comparing their name to a hardcoded string can create security vulnerabilities. It prevents system administrators from changing users' permissions when needed (example: when their account has been compromised). Thus system fields ``++SY-UNAME++`` and ``++SYST-UNAME++`` should not be compared to hardcoded strings. Use instead ``++AUTHORITY-CHECK++`` to check users' permissions.
This rule raises an issue when either of the system fields ``++SY-UNAME++`` or ``++SYST-UNAME++`` are compared to a hardcoded value in a ``++CASE++`` statement or using one of the following operators: ``++=++``, ``++EQ++``, ``++<>++``, ``++NE++``.
