cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

authorisation for characteristics values

Former Member

on ‎05-15-2006 7:03 AM

0 Kudos

Hi friends,

i want my queries in Bex to be executed based on char value level authorisation.

for eg. a user authorised for a pariticular sales office should see values for his sales office only in all the queries.

same queries can be used by other user and should be able to see based on his authorisations.

In the above eg. what if the sales office field in in the free characteristics and is not a part of actual output.

a detailed step by step procedure expected.

thanking you all...

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

edwin_harpino
Active Contributor
‎05-15-2006 7:18 AM
0 Kudos

hi S B,

say you have infoobject sales office 0sales_off try

1. make infoobject ready for authorization

transaction RSD1, type in your infoobject sales office,

go to tab 'business explorer', mark 'authorization relevant'

2. create reporting authorization object

transaction RSSM, give a name e.g ZSOFF, click button 'create' (blank page icon), give description,

in next screen, locate 0sales_off in right side, and move to left side and save. (you may need 1KYFNM also)

3. mark infoprovider

transaction RSSM, type create reporting authorization object, ZSOFF and option 'check for infocubes' and click pencil icon, in next screen mark infoprovider(s) where you query come from.

4. create role and assign users

transactin PFCG, create new role, and tab 'menu' assign with the reports, then 'authorization' tab, and click 'change authorization data', choose ZSOFF and assign value. tab 'users', assign your users.

hope this helps.

Show replies
Show replies
Former Member
‎05-15-2006 7:24 AM
0 Kudos

Hi AHP,

cannot see the points indicator. you must get all points.

how do i assign as cannot see those radio buttons?

i will check again in some time.

thanking you.

Former Member
‎05-15-2006 8:35 AM
0 Kudos

Hi,

i followed all steps mentioned by AHP. i created the object zsales_off and restricted in the authorisations in the assigned role to certain desired values.

Now when i try to execute queries, they don't evn show me data for other sales offices in the ouput and give me a message:

you do not have authorisation to read object zsales_off.

my cube has data for all sales offices, my query should show atleast for other sales offices.

any suggestions?

Former Member
‎05-15-2006 11:26 AM
0 Kudos

Hi,

any suggestions? Finally i could assign points!!

Please help in the above problem.

edwin_harpino
Active Contributor
‎05-15-2006 11:50 AM
0 Kudos

hi S B,

you can only have report displayed with the 'certain desired values' you assigned.

try give * and see if the report display all sales office.

hope this helps.

Former Member
‎05-17-2006 6:09 AM
0 Kudos

Hi AHP,

i did not understand it.

i can execute the report if i select sales office values for which i am authorised.

If i dont specify any selection option, does it not mean that the query has to be executed for all values for sales office!!

where do i give "*"? i tried giving * in the variable user input(selection option) for sales office, but it does not accept it!!(the variable here is of type "multiple selection values").

Please suggest any solution so that the query when executed should only show records based on user authorisation for sales values.

thanks,

edwin_harpino
Active Contributor
‎05-17-2006 6:24 AM
0 Kudos

hi S B,

if you didn't specify any selection, query will be executed for all values that AUTHORIZED for the user as

specified in his/her role, so not all values in

infoproviders.

if you are going to automatically displayed all authorized values for user without input, you can use variable with processing type authorization'.

http://help.sap.com/saphelp_nw2004s/helpdata/en/61/579b3c494d8e15e10000000a114084/frameset.htm

http://help.sap.com/saphelp_nw2004s/helpdata/en/44/599b3c494d8e15e10000000a114084/frameset.htm

regarding '*', basically it will give all values access

to user, i think it's now what you want, however you can

check with tcode PFCG and modify the role assigned to

the user, tab 'authorization', 'change authorization

data', locate the reporting authorization object, and

expand, you can then change the value here.

hope this helps.

Ask a Question