Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RE: Authorization Group

Go to solution
sreekanth_sunkara
Active Participant

‎09-25-2008 2:47 AM

0 Kudos

Hi all,

Our plant at Mexico need access to a table and we created a authrization group and assigned it to that table.

then i added that correspoding tcode(which contained the requested table) to parent role ( given access to S_TABU_DIS only for that specific authoization group)

But when i distributed the change, it was distributed to all child roles including US and Mexico.

Is there any way that i can keep this one only for Mexico Child roles and not for US child roles.

Thanks,

SSSSSS

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎09-25-2008 4:37 AM

0 Kudos

Hello Sun,

The whole point of having a Parent--child role concept is that the common objects will be added to the parent role and then distributed to all the child roles. And the values contained in the auth objects will be customized.

Well, if you want S_TABU_DIS specifically for the Mexico plants, you have to manually maintain the object in the Mexico plant roles.

Then the question is, is the Z(custom)Transaction needed in the praent role anymore since the related object is not.

One option could be to leave the transaction in the parent role but maintain S_TABU_DIS with the specific auth group in the local roles manually.

The other option is to create a specific role for this purpose and assign only this to the Mexico plants. (if this is worth the effort)

Regards,

Prashant

3 REPLIES 3

Go to solution
Former Member

‎09-25-2008 4:37 AM

0 Kudos

Hello Sun,

The whole point of having a Parent--child role concept is that the common objects will be added to the parent role and then distributed to all the child roles. And the values contained in the auth objects will be customized.

Well, if you want S_TABU_DIS specifically for the Mexico plants, you have to manually maintain the object in the Mexico plant roles.

Then the question is, is the Z(custom)Transaction needed in the praent role anymore since the related object is not.

One option could be to leave the transaction in the parent role but maintain S_TABU_DIS with the specific auth group in the local roles manually.

The other option is to create a specific role for this purpose and assign only this to the Mexico plants. (if this is worth the effort)

Regards,

Prashant

Go to solution
sreekanth_sunkara
Active Participant
In response to Former Member

‎09-25-2008 5:25 AM

0 Kudos

Hi Prasanth,

but if you change the authorizations manually in child role, when i make the next modification in parent role and push the changes, it will overwrite the authorizations that i maintained locally in child roles, isn't?

thanks,

SSSS

Go to solution
jurjen_heeck
Active Contributor
In response to Former Member

‎09-25-2008 7:11 AM

0 Kudos

> but if you change the authorizations manually in child role, when i make the next modification in parent role and push the changes, it will overwrite the authorizations that i maintained locally in child roles, isn't?

That is correct and it is expected behaviour. I advise you to create a separate role for this table maintenance. Especially since you've created a custom transactions for maintaining this specific table. The parent-derived concept is not meant to have differences in transactions between parents and children or amongst the children.

Edited by: Jurjen Heeck on Sep 25, 2008 3:49 PM (typo, nothing serious)