Hello,
Edit: I have use an analysis authorization and now I am able to visualize the data that is assigned in the DAP. However, I can not change to 'Edit Mode', it says that I do not have enough autorization. More strange thing is that if I change my DAP to 'All members' with access 'write' I am able to change to 'Edit Mode'.
Refer to this comment:
http://answers.sap.com/comments/152129/view.html
I have created a user with the minimum authorization objects:
However when the user logs in EPM, he can still press the "Edit Mode" button and save data:
What can I do so the user cannot save data?
Thank you.
- SAP Managed Tags:
Accepted Solutions (0)
Answers (4)
Hi Marc,
Thank you so much for your answer.
We have our user DELTEST2 assigned to the DAP "ALL", as you can see:
The problem seems to be in the BPC-side authorizations, because when we inspect the function module "RSEC_INTERSECTION_BPC", the internal table "i_thx_bpc_auths" does not contain the dimensions "ZDATATYPE" and "ZENTITY", as it can be shown in the next figure:
Where this internal table "i_thx_bpc_auths" obtains its values from? We thought it was from DAP in the BPC-size but it does not seem that.
Thanks.
Hi Marc,
It seems the authorization S_USER_GRP was missing. We have added it and now we are able to see just the members assigned to the DAP.
However, we still have a problem. For instance, I have added my user the DAP SLOVAKIA:
And when I log into EPM I am able to see just these two entities. However, when I click in "Edit Mode" in order to be able to send data; it says that I do not have enough authorizations.
This is my analysis authorization:
And I have added the activity change:
I have notice that if I change the Slovakia DAP to 'All members' with 'write' access, I am able to change to 'Edit Mode' and send data. But only if I select 'All members'; when I select just a few (like in the image) I can not do it.
Any ideas?
Thank you.
Thank you Gersh for your answer,
With only the 6 authorizations (3 for the cubes and 3 for the aggregation cubes):
I have done what you told me, but it seems everything is correct:
However, I get the message when I log into EPM:
Thank you again.
Thank you for your answer Marc,
But I am still a bit loss with this "BI Analysis Authorizations" object.
At the bottom, I have the six analysis authorizations that I have created in order to restrict the user to view some dimensions:
For example for ZPVFORECAST
But if I select this 6 authorizations, (3 for the cubes and 3 for the aggregation cubes), when I try to log in EPM it says that the query is invalid (I suppose that this is because I do not have enough authorizations).
Thanks in advance.
It looks like your analysis authorizations are missing the Activity, Provider, Validity fields to work.
You can add them using the 
-button.
You may want to check the help page for more details on defining analysis authorizations.
Best regards,
Marc
I have changed the 6 analysis authorizations, but when I add them to the "BI Analysis Authorizations" object (just them, I deselect the other options):
I received the error when I log into EPM:
Thank you again.
a few ideas what you could check:
- check the query in transaction RSRT to see whether it works there. This can help to decide whether the issue is more on the BW authorization side or more on the BPC/EPM side
- if the query works as expected in RSRT, try the query in a different BPC-enabled frontend. Analysis Office usually is a bit more generous when it comes to showing error messages than EPM. You can specify the BPC environment/model in Analysis Office under "Planning Model" of the "Components" tab of the "Design" panel.
In RSRT, you can specify the environment/model like this (no blanks between the tokens!):
- check the authorization trace (transaction RSECPROT -- you need to add the restricted user to the table under "Configure Log Recording" first to enable logging)
Hi Marc,
First of all, thank you for your answer.
1. Your colleague Gersh Voldman told me the same, I have answer in the post below this one. The query works as expected.
2. I tried Analysis Office but the error message was exactly the same:
3. I add my user (DELTEST) to the resctricted users and I tried to log into EPM again.Then I checked the DIsplay Error Log and this is the message I have received:
Activity 03 is display, but I have already selected the authorization objects "Manage environment" and "Grant user access to a BPC environment".
Also in Analysis Authorizations I have the following:
What I am doing wrong?
Thank you!
Hi Marc,
I have a DAP called ALL, which have all Write Access for all the relevant dimensions:
I have my user DELTEST2 (I know before was DELTEST, I am just making some changes) added to that DAP:
If I go to SU01 to see the authorization, I have a new one that has been created when I assign the user to the DAP:
If I open it, we can see the first problem:
It says "!!!!" so there is something wrong.
I have tried to change it:
But even with this change I still have the same problem when I open the query: "This query is invalid. Please contact your administrator".
I really appreciate your effort (Marc and Gersh) trying to help me.
Thanks a lot
| User | Count |
|---|---|
| 14 | |
| 4 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.