I have the following requirement according to analysis authorizations, but after reading several discussion, help documents and notes I think it is insolvable - or has anyone an idea? We are on BI 7.0
I have two authorization relevant info objects in an Info Provider, info object 0FUNDS_CTR and 0PU_MEASURE. Now it should be possible, that a user has, for example, authorization for 0FUNDS_CTR value 10 and on this funds center a restriction on 0PU_MEASURE values L1,L2, L3.
He should also have authorization for 0FUNDS_CTR value 20, but on this he should only see 0PU_MEASURE value L4 (and not L1,L2 and L3).
So I defined two analysis authorizations:
0PU_MEASURE: L1, L2, L3
I assigned this two analysis authorizations to the user.
In the query on the Info Provider, I defined selections on 0FUNDS_CTR and 0PU_MEASURE with authorization variables.
But when executing the query for the user, authorization check fails.
Reading note 1233793, 1000004, 1234567 I understood why this happens:
First, the following is analyzed:
0FUNDS_CTR IN ('10','20')
AND 0TCAACTVT = '03'
AND 0PU_MEASURE LIKE *
It is proved against AUTH1 and a remaining set that is not yet authorized is determined for L4.
No authorization for 0FUNDS_CTR 10 and 0PU_MEASURE L4 is found, so the authorization check fails (some other following checks fail, too).
So, has anybody an idea whether it is possible to implement a query, so that for the first funds center 10 only L1,L2,L3 is authorized for this user and for the second funds center 20 only L4 is displayed? We have a lot of 0FUNDS_CTR/0PU_MEASURE combinations and assignments to users, so that a authorization based solution seems to be the only way....