i think if structural authorization is implemented in your system then i think i might be possible
i think you have restrict via the below
compnay code
infotype & subtypes
may be PA, PSA, EG & ESG
but i am not sure about organisation key
please check with security & authorization team
