Skip to Content
0

Authorization Syn from bucket to Item..

Apr 23 at 07:05 PM

38

avatar image
Former Member

Hi,

We have requirement to copy security roles from bucket to Item and from there to project and task. I did some research and found that BADI 'INM_OF_SYNC' method 'GET_AUTHORIZATION_SYNC' is being used to do this..

Inside the BADI, i am getting GUID of item ( with item filter). However on looking at the table ACO_ROLE for that Guid, only manually assigned roles are visible in this table. All the roles that are inherited ( which can be see in screen by clicking 'Show All', are not available in this table.

Can you please advice, how to get all the inhibited roles at the project creation role. The hierarchy is Portfolio--> Bucket-> Item -> Project-

I am looking for roles( Inherited and manual) to copy into Project..via BADI 'INM_OF_SYNC' method 'GET_AUTHORIZATION_SYNC'

Thanks!

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Judith Gabriel
Apr 24 at 08:16 AM
0

Hi,

Information concerning the usage of BAdI INM_OF_SYNC to synchronize inherited authorization from item to project can you find in
SAP Note 1249825.

To synchronize direct assigned authorizations from item to project you can use the DFM customizing for Authorizations. Information are available in Wiki: https://wiki.scn.sap.com/wiki/display/PLM/Authorization+Synchronization



Best regards,
Judith

Share
10 |10000 characters needed characters left characters exceeded
avatar image
Former Member Apr 24 at 12:20 PM
0

Thanks for the info!! I have looked at this note and it gave me BADI but nothing much to code..!! My issue was table ACO_ROLE only gives me user given ( manual) authorization..!! For e.g.from bucket to Item, authorization is inherited and displayed when you click on show all..!! However,when you query this table, you will not find single record as it only stores the user given authorization, not the inheritated one..

After some research, found a method CALL METHOD /rpm/cl_acl_api->/rpm/if_provider_access~retrieve.This is giving me the inherited authorization only.. My plan is to use this and also do query with ACO_ROLE and collect all the records from both and update ct_user_roles in BADI

Also, while moving item from one bucket to another, i have to remove all previous authorization that item has put authorization that are in new bucket..!! Please advice, if any one has done that before..

Thanks!

Share
10 |10000 characters needed characters left characters exceeded