cancel
Showing results for 
Search instead for 
Did you mean: 

Custom Super Admin role

Former Member
0 Kudos

Hi Experts,

I am customizing the Standard Super Admin role in SAP EP 7.3.

Requirement: Need to create Custom Super admin role With Read Only Access.

I am able to do, only road block is that when i am going in system admin role -> Federated portal

It allows me to create , update, delete the FPN connection.

How can i hide this?

Waiting for the response!!

Regards,

Tarun Dhuria

Accepted Solutions (0)

Answers (1)

Answers (1)

0 Kudos

Hi,

When you want to have a delegated user, with less or different roles than what is provided by SAP,

You should create a Delta Link copy of the role from the original content provided by SAP.

It should be copied to a custom folder, is which you will set your own desired permissions accordingly.

This Delta Link role can be edited, by adding and removing content via the editor in the Content Administration.

In your case, you can just remove the whole "Federated Portal Network" tree of content from the DL role.

Regarding setting permissions – the permissions can be set to Unit objects only, and not to sub-units, meaning that you can set permissions to the role itself in the content administration,

but you cannot change permissions to the content within the role.

All the content under the role will inherit the permissions from the role itself.

However the permissions of the role itself if not changed, are inherited from the folder it is placed under.

So you can just create a folder with certain permissions for that user, and copy under it all the desired roles and content one needs to use.

Hope this helps,

Thanks & regards,

  Michal Zilcha-Lang

Former Member
0 Kudos

Hi Michal,

Thanks for the reply!

Requirement:: We want all the content will visible only in Read only mode, all other stuff working fine(As Required), except FPN.

Is there any UME Action for FPN?

Or any other alternate way?

Waiting for the response!

Regards,

Tarun Dhuria

0 Kudos

Hi Tarun,

How did you set the rest of the UIs to run in "read only" mode for a specific user?

For example - System Administration -> Transport -> Transport Packages -> Import -

Is this UI in read only mode?

From permission concept, this is considered runtime of content - so either you can run it or not.

There is no possibility in the permissions editor to run content in read only mode (there is just a check box to be able to run it). The administration settings are relevant for editing properties and sub-units of the content, but not running it.

Please elaborate on how you set the rest of the applications to run in read-only mode for that user.

Thanks & regards,

Michal Zilcha-Lang

Former Member
0 Kudos

Hi Michal,

Thanks for the reply!

Import is not in read-only mode, it will allow to import new theme.

We have copied the standard system admin role to our folder and changed ID.
Removed existing UME actions in 'Assigned actions' section
Added read-only UME actions: Read_All, Read_Basic, Read_ My_ Profile, Read_ User_ Mapping_ Credentials

But for only Federated Portal we are getting full access.

Waiting for the response.

Regards,

Tarun Dhuria

0 Kudos

Dear Tarun,

Running the administration applications, such as import of transport packages, and administrating the FPN are considered as "runtime" of the content by the administrator.

Hence he got the permissions to run it.

The UI will not be "read only" if you change UME actions, as it is not related and not used in the applications code.

The reason I told you to check other applications is to see that all the applications can be edited and used – non is in "read only".

I hope that I explained myself clearly.

Please let me know if it is still not clear.

Thanks & regards,

Michal Zilcha-Lang