Skip to Content
avatar image
Former Member

Authorization Syn from bucket to Item..

Hi,

We have requirement to copy security roles from bucket to Item and from there to project and task. I did some research and found that BADI 'INM_OF_SYNC' method 'GET_AUTHORIZATION_SYNC' is being used to do this..

Inside the BADI, i am getting GUID of item ( with item filter). However on looking at the table ACO_ROLE for that Guid, only manually assigned roles are visible in this table. All the roles that are inherited ( which can be see in screen by clicking 'Show All', are not available in this table.

Can you please advice, how to get all the inhibited roles at the project creation role. The hierarchy is Portfolio--> Bucket-> Item -> Project-

I am looking for roles( Inherited and manual) to copy into Project..via BADI 'INM_OF_SYNC' method 'GET_AUTHORIZATION_SYNC'

Thanks!

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Apr 24 at 08:16 AM

    Hi,

    Information concerning the usage of BAdI INM_OF_SYNC to synchronize inherited authorization from item to project can you find in
    SAP Note 1249825.

    To synchronize direct assigned authorizations from item to project you can use the DFM customizing for Authorizations. Information are available in Wiki: https://wiki.scn.sap.com/wiki/display/PLM/Authorization+Synchronization



    Best regards,
    Judith

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Apr 24 at 12:20 PM

    Thanks for the info!! I have looked at this note and it gave me BADI but nothing much to code..!! My issue was table ACO_ROLE only gives me user given ( manual) authorization..!! For e.g.from bucket to Item, authorization is inherited and displayed when you click on show all..!! However,when you query this table, you will not find single record as it only stores the user given authorization, not the inheritated one..

    After some research, found a method CALL METHOD /rpm/cl_acl_api->/rpm/if_provider_access~retrieve.This is giving me the inherited authorization only.. My plan is to use this and also do query with ACO_ROLE and collect all the records from both and update ct_user_roles in BADI

    Also, while moving item from one bucket to another, i have to remove all previous authorization that item has put authorization that are in new bucket..!! Please advice, if any one has done that before..

    Thanks!

    Add comment
    10|10000 characters needed characters exceeded