Skip to Content
author's profile photo Former Member
Former Member

How to Build Query with Analysis Authorizations to Work for Intersection of Members

Cost center is an authorization relevant IOBJ in our BW.

We have the following cost centers for travel expenses: 4710, 4711, 4712, 5710, 5711, 5712.

We built a BEx query especially for travel expenses with a global filter on the cost centers 4710, 4711, 4712, 5710, 5711, 5712 .

The users in our system are assigned analysis authorizations (in RSECADMIN) on cost centers like this:

User1: 2710, 3710, 4710, 5710

User2: 2711, 3711, 4711, 5711

User3: 2712, 3712, 4712, 5712

When User1 executes the query he/she is supposed to see the values for 4710 and 5710.

For User2 it is supposed to be 4711 and 5711 etc.

Hence, the expected result is the equivalent of an SQL 'inner join' between the travel expense cost centers and those cost centers which the respective user is authorized.

The problem is that we receive the message 'no authorization'.

Question: is this behaviour to be expected or is it a bug?

Add a comment
10|10000 characters needed characters exceeded

Related questions

3 Answers

  • Best Answer
    Posted on Jul 09, 2020 at 03:19 PM

    OK, keep your travel expense CC as a filter and set your authorization variable in the default values panel.

    This should result in the intersection of both values.

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Jul 08, 2020 at 04:58 PM

    Hi Martin,

    It is expected. To be able to execute your query, a user needs the authorization on all the selected cc (here : 4710, 4711, 4712, 5710, 5711, 5712).

    Try to add an authorization variable on the cost center in the query. Not sure of that, but I'm hoping the result will be the intersection of the filter and the authorized values.

    Regards,

    Frederic

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Frederic,

      your answer puts the finger right on the pain point!

      If I put an auth variable (in the global filter) on IOBJ cost center then the users will see all cost centers for which he/she is authorized (for User1: 2710, 3710, 4710, 5710), right?

      But since it is a travel expense report each user is supposed to see only the cost centers for travel expense (for User1: 4710, 5710).

      This is quite a trivial requirement, right?

      How can this be implemented (without resorting to a heap of varaible programming)?

      Greetings,

      Martin

  • Posted on Jul 09, 2020 at 10:29 AM

    Try to add the authorization variable AND the filters for travel expenses, See if this results in the intersection of both sets.

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      Exactly this is what I tried to begin with and which results in 'No authoriztion' (and hence prompted me to open this thread).

      Crazy that such a seemingly simple requirement cannot be easily implemented, no?

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.