I have 2 doubts that I need to confirm with you:
an aggregation level has nav attributes A__C and B__C.
A__C is restricted by authorization variable in the filter section of the query.
A__C is shown in the rows as well.
B__C is not defined anywhere in the aggregation level and the query.
Authorization is created for the user on A__C and B__C and assigned to user via the BI7 auth admin tcode(s).
The requirement is to control such that user cannot access certain values of Both A__C values and B__C values found in records. In this case, user is set to access only :
A__C : 1111
B__C : 2222
A record exist like this :
A__C **** B__C **** KF
1111 **** 3333 **** $1000
1. when the query is executed, authorization check is ok for A__C and the query should execute.
But given that this user is not authorized to B__C = 3333, will the KF value of $1000 be displayed by the query at runtime assuming the query only is selecting A__C and the KF?
If it does not show results or shows 'not authorized' , can I say its due to B__C = 2222 is granted and not B__C = 3333 was granted?
Else if it does show the $1000, can I say that even if B__C is set = 2222 in the user profile / authorization object assigned, there is no effect of authorization in this case and the record having B__C = 3333 will be displayed with the KF value (B__C value still will not be shown as its not in the query definition).
2. Assuming char C is defined in the query and aggregation level, must this be individually restricted (i.e set auth of C = value1, value2 .....) in authorization object or roles in order that the effect of A__C is achieved where authorization values for A__C is defined by setting auth of A__C = value 1, value2 ...?
Scenario A: char C is in the aggregation level but not used in the query definition in the rows and filter.
Scenario B : char C is in the aggregation level and used in the query definition in the rows.
What would the result be in the above 2 scenarios ?
Hope to get enlightened about this aspects.
Thanks in advance.
Edited by: pointes rexiproca on Apr 3, 2008 6:21 PM
Edited by: pointes rexiproca on Apr 3, 2008 6:22 PM