Skip to Content
avatar image
Former Member

Access Control List

Dear Experts,

My requirement is that:-

While creating a PO/PR the user enters a WBS element .

At presen  anyone can use the WBS element and create PR/PO.

They are not creain PR/PO by using PS but they are assigning the WBS element while creating a PR.

Now, they want that only specific person should get the authorization for creating the PR/PO while other person should not able to create a PR/PO for a specific  WBS element.

Please sugest weher this is possible by using ACL or please sugget some other way .

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

6 Answers

  • avatar image
    Former Member
    Jul 16, 2013 at 09:11 AM

    I am not sure if ACL can help in this. But you achieve in this way: make one Z-table where you define relationship between user and WBS element.

    Have a enhancement in PR/PO which checks if the 'User-Name' and 'WBS element' combination exists in that table and gives error message to the user.

    Regards,

    Mahendra

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jul 16, 2013 at 09:47 AM

    Dear Vaibhav

    As per your requirement  they want only the specific person should get the authorization for creating the PR while other person should not able to create a PR/PO for a specific  WBS element.

    yes it can be possible by extending ACL authorizations to the the project /WBS / Network Level.

    Even the if  the person is having the PR creation roles, but they cant access the project , until they get the ACL access from their project manager or the Person Responsible.

    So the authorization can be controlled from top Project level to Network level.

    By maintaining the ACL Admin/Write/Read authorizations.

    Regards,

    vrkumar

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi,

      As you said, we can control project access by maintaining the ACL Admin/Write/Read authorizations. But user can create PR/PO for any WBS element even though he is not access to that project/WBS element. Please correct me, if I am wrong.

      Regards,

  • avatar image
    Former Member
    Jul 23, 2013 at 11:18 AM

    Hi,

       As mahendra has already suggested, maintain a z-table and proceed .You can achieve the result.

    Take help of your abaper with reference of the below lines too.

    *LOOP AT TEKKN INTO WA_EKKN.

    *  CONCATENATE 'PR' WA_EKKN-PS_PSP_PNR INTO V_OBJNR.

    *  READ TABLE TEKPO INTO WA_TEKPO WITH KEY EBELN = WA_EKKN-EBELN

    *                                          EBELP = WA_EKKN-EBELP.

    *

    *  IF WA_TEKPO-KNTTP EQ 'P' OR WA_TEKPO-KNTTP EQ 'Q'.

    *   SELECT SINGLE * FROM PRPS WHERE OBJNR = V_OBJNR.

    *

    *        CALL FUNCTION 'CONVERSION_EXIT_PROJN_OUTPUT'

    *          EXPORTING

    *            INPUT         = PRPS-POSID

    *         IMPORTING

    *           OUTPUT        = OUTPUT.

    *

    *       LOOP AT IT_1234_USR_WBS.

    *       IF PRPS-POSID NP IT_1234_USR_WBS-POSID.

    followed by the error message...

    This wl surely work for you.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Sep 07, 2013 at 04:22 AM

    Hi,

    Do you want to restrict access control to specific user (person is not the correct word to use) to have PR/PO, then go with Mahendra's suggestion. Create a Ztable and input the user id and WBS element then system will allow that user to create PR/PO and error will be given if other than this user. Also use the logic provided by Manish.

    Thanks,

    Sudhakar

    Add comment
    10|10000 characters needed characters exceeded

  • Sep 09, 2013 at 05:03 AM

    It can't be controled by ACL as it's toally an MM function because you are creating PR/PO in MM transactions like ME21N/ME51N. The suggestion from Mahendra and Manish is useful, but if you want more suggestion, maybe you can find the MM forum and post a question there.

    The enhancement MEREQ001 for PR and

    MM06E004

    MM06E005

    for PO may help you to develop it by yourself.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Sep 10, 2013 at 06:57 AM

    You cannot do it using ACLs of WBS element as i understand that the users are triggering PR/PO using ME51N/21N and not throug project planning transactions.

    You can write an enhancement in PR/PO processing and use person resposible field in WBS element to determine if he should be allowed to use that WBS element for creating PR/PO

    We have done this for groups not user ids, by using Requistioner field exit in combination with a Z table.

    Tx

    Saurabh

    Add comment
    10|10000 characters needed characters exceeded