Skip to Content
avatar image
Former Member

Intersecting Authorizations

Hello Gurus,

Im having a trouble with authorizations in BI-IP . Im trying to do authorizations for cost planning. But values for combination of cost centers and cost elements are intersecting. And when i use both of them, i get message that user is not authorized. For example ;

USER01 will have two authorizations : Authorization1 and Authorization2

Authorization 1:

Cost Center : 1100 , Cost element : 77000001 - 77000099 (for only his department)

Authorization 2 :

Cost Center : 1100 - 1400 , Cost element : 76000001 - 760000099 (other department's costelemnts)

USER01 is going to enter his values to the input ready query. And when he opens the query, he chooses the variable value of costcenter. If he chooses 1100, he must see the costelemnts of 77000001-7700009 and 76000001 - 760000099 .

But if he chooses 1200, he must see the only costelements from 7600000 to 76000099 .

In rsecadmin, i created two authorization objects. And i added 0TCT* infoobjects and the other authorization related objects. I created two roles (PFCG) and assigned those authorizations to those roles. And i assigned those roles to the USER01.

I added the authorization related variables for costelement, and costcenter to the query.

When i give the user roles individually,the authorization works ok. And the query returns right results.

Problem is; when i give the two role in same time, authorization fails.

I made all analysis from rsecadmin. Authorization fails in only costcenter and costelement combinations . Other authorization objects works ok.(infocube, rrmx etc. )

Is there anybody who faced a similar situation?

Thanks in advance,

Regards...

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Sep 08, 2008 at 12:39 PM

    Can you try this?

    Authorization 1:

    Cost Center : 1100 , Cost element : 77000001 - 77000099 (for only his department)

    76000001 - 760000099

    Authorization 2 :

    Cost Center : 1101 - 1400 , Cost element : 76000001 - 760000099 (other department's costelemnts)

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi,

      I tried what you offered. But still not authorized. Anyway, i dont want to give only one costcenter authorization to the user. Becouse it works for only one costcenter.

      He/she will be responsible more than one costcenter. But he/she will see different costelements when he/she chooses one costelement from variable in query.

      Maybe i should ask the question like that : How can i give different ''costcenter-costelement '' combinations authority to one user ?

      Thanks.