Hi All,
Good Evening.
We have read some posts in here related to my query, but i am looking for some more details on
1) Is there any massway to assign the privileges in IDM business role/privileges assignment screen like uploading all privileges to particular systems either through note pad or excel or any similar solution to assign mass privileges to users ?
2) I have seen some answers where the experts discussed about some parameters like MXREF_MX_PRIVILEGE and jobs (not sure through if my above query is relates this object) , but in analyst perspective where we dont provide access to any developer Studios, and we just provide the access IDM role assignment screen, how can we achieve the mass assignment ?
or is there any other easy suggesion to achieve this understanding that we wont provide any access to temp tables changes/developer sutios. Please advise the steps.
Thank you.
- SAP Managed Tags:
Accepted Solutions (0)
Answers (3)
Hi,
the problem is, that with the regular "change user" task you can change only the selected user, not mass processing. In my use case, the user administration want to assign various privileges to one or more users.
So, what I did is:
1) create a self service form with a file upload attribute, another single select attribute for the repository to be processed, I also added a attribute named JOB_ID where I set the name of the job triggered (step 3)
2) create a post process for this form with two process steps; the first one copies the uploaded file into a pre-defined folder (and copies a backup into another one); the second process triggers a job which processes the request
The job trigger process creates a temporary global variable using function uSetGlobalVar which holds the ID of the user who executed the process. That's because the attribute values of the UI form are stored temporary on this ID and I need these values later in the job.
3) create a job that process the necessary actions; in my case a z-table is filled from the upload, the priviege assignments are done and afterwards the z-table as well as the global variable is cleared again
To get the information needed (filled by the user in the UI form) I get the global variable value again with function uGetGlobalVar. Having the userID again, I can use function uIS_GetValue to get the input values of the Z-attributes from the UI form.
With this kind of configuration I cover quite a lot of processes, not only mass processing (e.g. mass locks/unlocks of users, privilege replacements, attribute maintenance,...).
Regards, Richard
Hi Steffi,
the file to be uploaded is stored as attribute value on the MSKEY of the executing user. Therefore I do a simple file copy to a server path and delete the temp. attribute afterwards. The copy process is a To Generic pass with some input attributes:
Within the script a fix file name is set depending on the selected job activity (this one is requested by the pre-defined jobs); one copy is stored in the "processing" folder, another with a timestamp is stored in a backup folder (that's to check the file afterwards in case of any errors during the process). Here, I use internal functions such as uFromHex and uToFile.
// Main function:custom_copyFileToShare
// script stores the uploaded file in the process directory
// with a fix filename depending on the activity and in the
// backup directory with a timestamp
function custom_copyFileToShare(Par) {
var userMskey = Par.get("MSKEY");
var activity = Par.get("Z_JOB_ACTIVITY");
var fileAttribute = Par.get("FILE_ATTRIBUTE");
var DirectoryProcess = Par.get("FILE_DIRECTORY_PROCESS");
var DirectoryBackup = Par.get("FILE_DIRECTORY_BACKUP");
// transform "\" into "\\"
//******************************
DirectoryProcess = uReplaceString(DirectoryProcess, "\\", "\\\\");
DirectoryBackup = uReplaceString(DirectoryBackup, "\\", "\\\\");
// get filename from binary
//******************************
var fileArray = fileAttribute.split(":");
var filefullname = fileArray[0];
var binary = fileArray[1];
var filePlain = uFromHex(binary);
// set process filename depending on activity
//*************************************************
var processfilename = "";
if (activity == "Lock user") {
processfilename = "UserLockList.csv";
} else if (activity == "Unlock user") {
processfilename = "UserUnlockList.csv";
} else if (activity == "Change validity") {
processfilename = "UserValidity.csv";
} else if (activity == "Role assignment") {
processfilename = "UserRoleAssignment.csv";
} else if (activity == "Update company list") {
processfilename = "CompanyList.csv";
} else if (activity == "Update company assignments") {
processfilename = "CompanyAssignmentList.csv";
} else if (activity == "Role replacement") {
processfilename = "RoleReplacementList.csv";
} else {
uSkip(2);
}
// add timestamp to filename
//******************************
var file = processfilename.split(".");
var desc = file[0];
var ext = file[1];
var timestamp = custom_getTimestamp();
var backupfilename = desc + "_" + timestamp + "." + ext;
// set file paths
//******************************
var path_process = DirectoryProcess + "\\" + processfilename;
var path_backup = DirectoryBackup + "\\" + backupfilename;
// store files in directories
//******************************
uToFile(path_process, filePlain, "FALSE");
uWarning("Current file has been downloaded to Share [" + path_process + "]");
uToFile(path_backup, filePlain, "FALSE");
uWarning("Backup file has been downloaded to Share [" + path_backup + "]");
return Par;
}
| User | Count |
|---|---|
| 89 | |
| 10 | |
| 9 | |
| 9 | |
| 9 | |
| 6 | |
| 6 | |
| 5 | |
| 5 | |
| 4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.