on 09-26-2006 5:20 PM
Hi SRM Gurus,
I'm currently working with SRM_SERVER 500(SAPKIBKS09) release, we are using Approval Shopping Cart n-Level (BADI) workflow. Today we discovered that the requester is able to change any approvers that are propose by system. How can we restrict this functionality !?
Cheers,
Raphaë
I worked with Monique and our solution was to modify the BADI SAP_CHNG_AGNT_ALLOW method AUTHORISE_FOR_CHANGE.
METHOD if_ex_bbp_chng_agnt_allow~authorise_for_change.
------------------------------------------------------------------- *
IV_OBJECT_ID TYPE CRMD_ORDERADM_H-OBJECT_ID OPTIONAL
IV_OBJECT_TYPE TYPE CRMD_ORDERADM_H-OBJECT_TYPE OPTIONAL
IV_GUID TYPE BBP_GUID_32 OPTIONAL
IV_WORKITEMID TYPE SWR_STRUCT-WORKITEMID OPTIONAL
IV_MODE TYPE CHAR1 OPTIONAL
IV_USER TYPE SYST-UNAME OPTIONAL
IV_SCENARIO TYPE BBP_SC_SCENARIO OPTIONAL
IV_TASK TYPE SWD_STEP_T OPTIONAL
IV_ACTIVITY TYPE SYUCOMM OPTIONAL
EV_ADD_BUTTONS_DISABLED TYPE CHAR1
------------------------------------------------------------------- *
*{ INSERT
To restrict user to change an approver during approval process.
In approval preview, if user clicks on approver's name,
user will get details of approver at the bottom of the screen with a 'Change' button.
We would like to disable this 'Change' button.
EV_CHNG_BUTTONS_DISABLED = 'X'.
*} INSERT
ENDMETHOD.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
As Fisher has explained,the BADI "BBP_CHNG_AGNT_ALLOW" (implementation name is "SAP_CHNG_AGNT_ALLOW ") can also be used to disable the ADD APPROVER/REVIWER button.
You will have to deactivate the Std implementation for this BADI and in your custom implementation use the methods AUTHORISE_FOR_CHANGE and AUTHORISE_FOR_INSERT.
<u><b>For AUTHORISE_FOR_CHANGE :</b></u>
ev_chng_buttons_disabled = 'X'.
<u><b>For AUTHORISE_FOR_INSERT</b></u>
*No addition of Approver possible
ev_add_buttons_disabled = 'X'.
*No addition of Reviewer possible ev_chng_buttons_disabled = 'X'.
Generally for screen enhancements ,if the Std BADI's are available,use that else go for template changes.
BR,
Disha.
Pls reward points for helpful answers.
We did not disable the feature to add approvers/reviewers. We want users to be able to add approvers/reviewers, just not change them. We removed the ability for the users to change the approver. In the approval preview, if you click on the approver, it gives you more details below the preview section. There was a button "Change" there that allowed the users to change the approver.
Hi All,
Many thanks for your help !!! Problem's solved.
My request was very similar to Monique's description.
Now with implementation of this BAdi BBP_CHNG_AGNT_ALLOW~AUTHORISE_FOR_CHANGE our workflow process is more secure ! Thanks again to Li for his technical description that help me a lot.
Definitevely I like really this Forum ... you're great !
Cheers,
Raphaë
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Monique,
This sounds very interesting to me.
Yes, please could send me this information.
Many Thx
Rafi
Message was edited by: rafi jermann
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Disha, Sundeep,
Thx for your helpful answers, I've checked BBP_WFL_SECURITY parameter on user level and currently it's set to '0-Not Defined' for all requesters.
Mainly we want to authorize users to add additional approvers/reviewers if needed, but what we want to restrict is that enduser can modify/overwrite the approvers proposed by system.
And right now in SRM application, when you edit details (by switching the Approval preview to 'Display as Table') from any approvers you are able to change it completely. That's dangerous !
I think you're right the only way to restrict that is to change Approval preview template. I don't know if we can do this over screen variants ? Do you know in which template I can find this !?
Cheers,
Rafi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
The service for the Approval Preview is "BBP_PREVIEW".The corresponding templates to be modified are "SAPLBBP_PDH_WFL_1000(for graphic view)" and "SAPLBBP_PDH_WFL_1100(For table view)".
we have removed the ADD APPROVER button at our place and the foll code does that:
<u>In "SAPLBBP_PDH_WFL_1000".</u>
`BBPGroupBegin()`
`if ((WF_SCENARIO == "SC") || (WF_SCENARIO == "CF") || (WF_SCENARIO == "IV") ||
(WF_SCENARIO == "RT") || (WF_SCENARIO == "CM") || (WF_SCENARIO == "PO"))`
`BBPButtonBegin()`
`if ((GV_ADD_APPROVER_DISABLED == "X") || (GV_IS_VIEW_ITEM_LEVEL == "X"))`
`BBPDisabledButton(BUTTON_ADD_REVIEWER.label)`
`BBPButtonSpace()`
`BBPDisabledButton(BUTTON_ADD_APPROVER.label)`
`else`
`BBPButton(BUTTON_ADD_REVIEWER.okcode, BUTTON_ADD_REVIEWER.label)`
`BBPButtonSpace()`
<b><!-- `BBPButton(BUTTON_ADD_APPROVER.okcode, BUTTON_ADD_APPROVER.label)` --></b>
`end`
<u>In "SAPLBBP_PDH_WFL_1100":</u>
<!-- `if ( (WF_SCENARIO == "SC") || (WF_SCENARIO == "CF") || (WF_SCENARIO == "IV") ||
(WF_SCENARIO == "RT") || (WF_SCENARIO == "CM") || (WF_SCENARIO == "PO") ||
(WF_SCENARIO == "BI") )`
`BBPButtonBegin()`
`if ((GV_ADD_APPROVER_DISABLED == "X") || (GV_IS_VIEW_ITEM_LEVEL == "X"))`
`BBPDisabledButton(BUTTON_ADD_REVIEWER.label)`
`BBPButtonSpace()`
`BBPDisabledButton(BUTTON_ADD_APPROVER.label)`
`else`
`BBPButton(BUTTON_ADD_REVIEWER.okcode, BUTTON_ADD_REVIEWER.label)`
`BBPButtonSpace()`
<b><!-- `BBPButton(BUTTON_ADD_APPROVER.okcode, BUTTON_ADD_APPROVER.label)` --></b> `end`
`BBPButtonEnd()`
`BBPVSpace()`
`BBPVSPACE()`.
If you need to disable the button,use,
`BBPDisabledButton(BUTTON_ADD_APPROVER.label)` instead of commenting the line for the ADD APPROVER button.
HTH.
BR,
Disha.
Pls reward points for useful answers.
We found that there was a delete icon next to the approvers when you clicked on their name in the approval preview which allowed the users to change the approver. Our programmer actually removed the delete icon from the screen.
If you need more info, let me know and I'll see what I can find out.
For some reason, when you click on an approver's name in the approval preview (after the cart is already saved), there will be more details underneath the preview. This would include the approver's name, phone number, etc. It also included a trash can icon next to the name. A user is able to click on that trash can to remove the approver and replace them with another approver.
Correction...the icon may have actually been the word "Change". This allowed the user to change the approver.
Message was edited by: Monique Stephens
Hi,
The BBP_WFL_SECURITY parameter controls whether the user can change the SC.But for changing the Approvers,you have the ADDAPRROVERS/REVIEWERS Buttons which you will have to disable /remove the ADD APPROVERS button in the Approval Preview screen if you wnat to resrtrict the user from changing the Approvers.For this you will have to modify the Approval preview template.
BR,
Disha.
Pls reward points for helpful answers.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Rafi,
You can restrict this authority by maintaining a High "1" or "4"...(i dont have a system in front of me)authorization level for all users in the personalization tab of their user profiles. Also you can take a look at the BBP_WFL_SECURITY BADI. I dont know the exact name but something like that, which might suit your requirement.
Standard is to maintain the security level at the user profile level in the personalization tab.
PLease assign points for usefull answers !!
Sundeep
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.