on 09-27-2017 11:26 AM
Dear All,
We are doing PoC for FIORI SoD analysis for the following, please assist if you have worked on designing Ruleset for FIORI SoD , as we are facing challenges in getting permission level SoD results for FIORI for different combinations mentioned below.
We have created separate functions as below
Functions Function descripitions (EN) Business ProcessZTCD01ZTCD01 - Function with TCODESFI00ZTCD02ZTCD02 - Function with TCODES restricted with permissionsFI00ZODT01ZODT01 - Function with ODATA servicesFI00ZFAP01ZFAP01 - Function with Fiori AppFI00ZWDP01ZWDP01 - Function with WebDynPro applicationsFI00Have Risk IDs for different combinations
Risk IDs Function 1 Function 2 Business Process Criticity Status Risk Type Rule SetZSOD01ZTCD01ZODT01FI00HighActiveSoDFIORI_TESTZSOD02ZTCD01ZFAP01FI00HighActiveSoDFIORI_TESTZSOD03ZTCD01ZWDP01FI00HighActiveSoDFIORI_TESTZSOD04ZODT01ZWDP01FI00HighActiveSoDFIORI_TESTZSOD05ZFAP01ZWDP01FI00HighActiveSoDFIORI_TESTZSOD06ZODT01ZFAP01FI00HighActiveSoDFIORI_TESTZSOD07ZTCD02ZODT01FI00HighActiveSoDFIORI_TESTZSOD08ZTCD02ZFAP01FI00HighActiveSoDFIORI_TESTZSOD09ZTCD02ZWDP01FI00HighActiveSoDFIORI_TESTZCRP01ZODT01FI00HighActiveCritical PremissionFIORI_TESTZCRP02ZFAP01FI00HighActiveCritical PremissionFIORI_TESTZCRP03ZWDP01FI00HighActiveCritical PremissionFIORI_TESTAt permission level for each function values maintained
Function ID Function description Action Permission Field Value From Value To Logical Operator StatusZTCD01ZTCD01 - Function with TCODESCV01NN/AN/AN/AN/AN/A0ZTCD01ZTCD01 - Function with TCODESCV04NN/AN/AN/AN/AN/A0ZTCD01ZTCD01 - Function with TCODESBPN/AN/AN/AN/AN/A0ZTCD02ZTCD02 - Function with TCODES restricted with permissionsCV01NC_DRAW_TCDDOKARTESTAND0ZTCD02ZTCD02 - Function with TCODES restricted with permissionsCV01NC_DRAW_TCDACTVT01AND0ZTCD02ZTCD02 - Function with TCODES restricted with permissionsCV01NC_DRAW_TCDACTVT02AND0ZTCD02ZTCD02 - Function with TCODES restricted with permissionsCV01NC_DRAW_DOCDOKARTESTOR0ZTCD02ZTCD02 - Function with TCODES restricted with permissionsCV01NC_DRAW_DOCACTVT02OR0ZFAP01ZFAP01 - Function with Fiori App^!TEST_F_APPS_SERVICESRV_TYPEHTAND0ZFAP01ZFAP01 - Function with Fiori App^!TEST_F_APPS_SERVICESRV_NAME4AEF0B1B609165AB1F1B406F75799FOR0ZFAP01ZFAP01 - Function with Fiori App^!TEST_F_APPS_SERVICESRV_NAME63D5D2B293EF3AB6D73A10C0893873OR0ZFAP01ZFAP01 - Function with Fiori App^!TEST_F_APPS_SERVICESRV_NAME75B1441FF4DE5AA6906ADEB2326695OR0ZFAP01ZFAP01 - Function with Fiori App^!TEST_F_APPS_SERVICESRV_NAME7AD2B9B152A399009BC97DFABA884BOR0ZFAP01ZFAP01 - Function with Fiori App^!TEST_F_APPS_SERVICESRV_NAMEAB088B10113EAC3BC6349F4E933053OR0ZFAP01ZFAP01 - Function with Fiori App^!TEST_F_APPS_SERVICESRV_NAMEFB3151E3518C6479718DF337170962OR0ZODT01ZODT01 - Function with ODATA services^!TEST_ODATAS_SERVICESRV_TYPEHTAND0ZODT01ZODT01 - Function with ODATA services^!TEST_ODATAS_SERVICESRV_NAMEABC5A2651FDDDA3E4C90CF317938F0AND0ZWDP01ZWDP01 - Function with WebDynPro applications^!TEST_WDPS_STARTAUTHOBJNAMWDA_FCLM_BAM_ACC_MASTEROR0ZWDP01ZWDP01 - Function with WebDynPro applications^!TEST_WDPS_STARTAUTHOBJNAMWDA_FCLM_BAM_HIERARCHYOR0ZWDP01ZWDP01 - Function with WebDynPro applications^!TEST_WDPS_STARTAUTHOBJNAMWDA_FCLM_BAM_HIER_BPOR0ZWDP01ZWDP01 - Function with WebDynPro applications^!TEST_WDPS_STARTAUTHOBJNAMWDA_FCLM_BAM_HIER_MAINTAINOR0ZWDP01ZWDP01 - Function with WebDynPro applications^!TEST_WDPS_STARTAUTHOBJNAMWDA_FCLM_UPLOAD_DOWNLOADOR0ZWDP01ZWDP01 - Function with WebDynPro applications^!TEST_WDPS_STARTAUTHOBJTYPWDYAOR0ZWDP01ZWDP01 - Function with WebDynPro applications^!TEST_WDPS_STARTAUTHPGMIDR3TROR0Roles having conflicting functions
Role ID Role contents Relevant SoD FunctionsZHP1:0001_TILESS_TCODE ZTCD01 & ZTCD02ZHP1:0001_TILESS_SERVICE [Fiori App]ZFAP01ZHP1:0001_TILE1S_SERVICE [ODATA]ZODT01ZHP1:0003_TILE2S_START [WEBDYNPRO App]ZWDP01Users assigned with roles and expected SoDs, we are ok with action level and critical permission level but not able to detect at permission level.
Test Users Assigned Roles Expected SoD resultsZTESTSOD01ZHP1:0001_TILESZSOD02 - Action LevelIssue:
if possible can you share your inputs or feedback to get the desired outcome as expected above
PS : Not able to detect any risk at action, permission or critical permission for webdynpro for any possible combinations.
Appreciate your quick response with solution
ThanksMaltesh J
Dear Maltesh,
that should be available in 10.1 SP19. Please check the following advance note that might be helpful:
Let us know if it works.
Regards, Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
14 | |
4 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.