Skip to Content
author's profile photo Former Member
Former Member

Analysis Authorization for Dynamic Query Selection using Customer Exit Variables - Is this possible?

Hello everyone!!

I want to develop a dynamic authorization concept, based on authorization table (1) and on user selection (2), valid across the system. The idea is, that different user groups receive different authorizations based on their business roles, irrelevantly of the query they use.The authorizations of the business roles are maintained in an authorization table. So far so good.

The crux is that in some cases the same user should receive different authorizations ('*' or ':'), based also on the query selection.

For example: We have a query with 3 InfoObjects (IO): SALES, COUNTRY, REVENUE. For both SALES and COUNTRY we have authorization objects filled with 2 customer exit variables. The authorization objects are not ready for input, as those should be filled in the customer exit, based on the user's authorizations.

A sales representative in Germany should see the REVENUE and all SALES '*' for COUNTRY "Germany", thus in the initial query selection screen the user receives all 3 InfoObjects, COUNTRY is filtered for Germany.

When the user removes IO COUNTRY and IO SALES in the Query Navigation, the combined REVENUE for all COUNTRIES should be displayed, e.g. SALES and COUNTRY authorizations should be ':'.

If the user wants to see all SALES without the country, nothing should be displayed for missing authorizations, SALES = ':'.

If the user then takes again COUNTRY in the Query Navigation, the initial results should be displayed.

Do You know, if this kind of dynamic authorizations is even possible?

If step 2 is used in the initial navigation, to filter the query with 'Germany' also step 3 and step 0 are executed in that order. For every following user navigation, only i_step = 0 is executed.

Add comment
10|10000 characters needed characters exceeded

1 Answer