on 11-28-2007 1:10 PM
Hi,
When a user opens a BP (via BP transaction or open method of BOR object) in CRM, I want to do some custom check. Based on the check, I want to decide whether this user is allowed to open this BP or not. If this check fails, I want to display an error message (No authority to display this BP). Only if the check is successful, that BP should open.
Any idea where can I write this type of code?
I checked a few BADIs (BUPA_LOCK, HRSYNC_P etc.), but didn't find anything useful.
Regards,
Kaushal
I know this is an old post but just wanted to say thanks to Stephen Johannes to his post on enhancing the BP transaction processing. It works quite nicely. I used it to intercept a "Change Role" event and performed some processing as required.
Cheers
John
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Why dont you use <b>CRM authorizations</b> to setup your requirements.
You have several authorisation objects to limit the creation/change/display of SAP business partners in SAP CRM.
some of these objects are based on:
- business partner role
- authorization group
- field groups
- authorization types.
cheers
davy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Davy,
Thanks for the reply.
But I cannot use CRM authorizations because I need to do this check based on company code, which is not stored in CRM. So, I will have to do an RFC to R/3 system to fetch company code of the BP which user is trying to display/edit.
That's why I need to write this code somewhere.
Regards,
Kaushal
checks on company code in R/3? strange strategy ..
I can assume a customer wants his employees only to see business partners that belong to the same sales organization...
This can also be accomplished using a standard authorisation object..
Next, I know you can also accomplish something using Territory management...
based on attributes I believe you might be able to limit BP access ...
If you really need to do a check on Company code...you will need to create a new authorisation object and create your own coding I suppose..
Yes, I've accepted the fact that I need to create a new authorization object and have to write some coding.
I also know that I need to write this code at a place (mostly a BADI) which will be called everytime a user tries to open a BP (display or edit mode).
So, now the task is to find that BADI.
Any help would be appreciated.
Regards,
Kaushal
<b>Could you explain the logic based on company code you want to implement?</b>
What relation would a company code have with regards to either your employee or the business partner (sold-to-parties) and in what way you are functional thinking about building up your restrictions.
Suppose you could create a new field on Business partner level, e.g. company code. this can be done using the EEWB.
Now, if for all relevant business partners the field company code would be filled (either manually or via a mass change program using some BAPI) or via download from R/3 , you could use the authorization check based on Field Groups.
That's one way of achieving this. But that would involve mass update of existing customer plus an additional mechanizm of populating this field for new business partners.
I don't want to complicate things on CRM side.
I was thinking of checking company code for a BP by making an RFC call to R/3. Then I can programatically call new company code auth object by passing this company code & activity (display, update etc.). If auth object fails, transaction will be terminated and BP won't be opened.
That's why I have been searching for a BADI to write this piece of code.
Regards,
Kaushal
Kaushal,
For transaction BP in CRM we need to do the following(this won't work in the PCUI).
1. Create a new class that implements: IF_BUPA_DIALOG_JOEL_EXIT
2. Create a new function group that has a subroutine called bupa_dialog_joel_exit_create which is coded similar to the subroutine in function group BUPA_DIALOG_JOEL, but calls the class you created in step 1.
3. Implement the method IF_BUPA_DIALOG_JOEL_EXIT~CAN_CHANGE_PARTNER in your new class.
4. Add Z-entries to the application tables below that will reference the new funciton group created above.
TBZJ4 -> V_TBZJ4
TBZJ4C -> V_TBZJ4C
The class CL_BUPA_DIALOG_JOEL_EXIT is an example of the implemented class.
This enhancement mechanism should allow you to do want you want to do and at the right timing in the BP transaction.
Good luck,
Stephen
Kaushal,
Perhaps you can use the ACE in CRM to implement this check. Do a search on Access Control Engine in this forum or look at the standard help for ACE located at:
http://help.sap.com/saphelp_crm40/helpdata/en/14/c318c131d0dd45b0c3da5520602c92/frameset.htm
Good luck,
Stephen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
7 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.