Access Control List

vaibhavgoel · ‎07-16-2013

Dear Experts,

My requirement is that:-

While creating a PO/PR the user enters a WBS element .

At presen anyone can use the WBS element and create PR/PO.

They are not creain PR/PO by using PS but they are assigning the WBS element while creating a PR.

Now, they want that only specific person should get the authorization for creating the PR/PO while other person should not able to create a PR/PO for a specific WBS element.

Please sugest weher this is possible by using ACL or please sugget some other way .

Former Member · ‎09-10-2013

You cannot do it using ACLs of WBS element as i understand that the users are triggering PR/PO using ME51N/21N and not throug project planning transactions.

You can write an enhancement in PR/PO processing and use person resposible field in WBS element to determine if he should be allowed to use that WBS element for creating PR/PO

We have done this for groups not user ids, by using Requistioner field exit in combination with a Z table.

Tx

Saurabh

Rachel_Tang · ‎09-09-2013

It can't be controled by ACL as it's toally an MM function because you are creating PR/PO in MM transactions like ME21N/ME51N. The suggestion from Mahendra and Manish is useful, but if you want more suggestion, maybe you can find the MM forum and post a question there.

The enhancement MEREQ001 for PR and

MM06E004

MM06E005

for PO may help you to develop it by yourself.

Former Member · ‎09-07-2013

Hi,

Do you want to restrict access control to specific user (person is not the correct word to use) to have PR/PO, then go with Mahendra's suggestion. Create a Ztable and input the user id and WBS element then system will allow that user to create PR/PO and error will be given if other than this user. Also use the logic provided by Manish.

Thanks,

Sudhakar

Former Member · ‎07-23-2013

Hi,

As mahendra has already suggested, maintain a z-table and proceed .You can achieve the result.

Take help of your abaper with reference of the below lines too.

*LOOP AT TEKKN INTO WA_EKKN.

* CONCATENATE 'PR' WA_EKKN-PS_PSP_PNR INTO V_OBJNR.

* READ TABLE TEKPO INTO WA_TEKPO WITH KEY EBELN = WA_EKKN-EBELN

* EBELP = WA_EKKN-EBELP.

*

* IF WA_TEKPO-KNTTP EQ 'P' OR WA_TEKPO-KNTTP EQ 'Q'.

* SELECT SINGLE * FROM PRPS WHERE OBJNR = V_OBJNR.

*

* CALL FUNCTION 'CONVERSION_EXIT_PROJN_OUTPUT'

* EXPORTING

* INPUT = PRPS-POSID

* IMPORTING

* OUTPUT = OUTPUT.

*

* LOOP AT IT_1234_USR_WBS.

* IF PRPS-POSID NP IT_1234_USR_WBS-POSID.

followed by the error message...

This wl surely work for you.

Former Member · ‎07-16-2013

Dear Vaibhav

As per your requirement they want only the specific person should get the authorization for creating the PR while other person should not able to create a PR/PO for a specific WBS element.

yes it can be possible by extending ACL authorizations to the the project /WBS / Network Level.

Even the if the person is having the PR creation roles, but they cant access the project , until they get the ACL access from their project manager or the Person Responsible.

So the authorization can be controlled from top Project level to Network level.

By maintaining the ACL Admin/Write/Read authorizations.

Regards,

vrkumar

Former Member · ‎07-16-2013

I am not sure if ACL can help in this. But you achieve in this way: make one Z-table where you define relationship between user and WBS element.

Have a enhancement in PR/PO which checks if the 'User-Name' and 'WBS element' combination exists in that table and gives error message to the user.

Regards,

Mahendra

Access Control List

Accepted Solutions (0)

Answers (6)

Answers (6)

Re: Batch Number Assignment

Batch Number Assignment

Maintenance Order Components - PR should create wi...

Automate [Inventory Valuation Simulation Report] i...

Re: Is there a CDS view that contains Label Type (...