We have a Security related requirement for one of our clients. Our client wanted to make one of the selection prompts in our BI report as authorization relevant, say for example Division, if a user is assigned to the 'BAKERY' division then the user should not be able to see the results for any other division but BAKERY. This was done successfully. But the catch is that there is another level of hierarchy called Category in the prompts (or any other child node) - If the user explicitly enters her/his Division as 'BAKERY' and the selects a Category (for example MUFFINS) then the report runs correctly, but if the user does not explicitly enter the Division information and leaves it blank and just enters the category as MUFFIN then the user is hit by a 'No Authorization' message. So I guess my question is that is there a way where SAP implicitly checks for this authorization and the user does not have to explicitly enter the authorization relevant prompt ?
This is for user $BATMAN who has authorization to BAKERY
If the user enters BAKERY in the Segment Field (Auth relevant field) and puts a category as Breakfast Foods
The user get a result , although there is no data here since this is dev, the expected result is Correct.
But if the user does not enter the Segment and runs it only with the category (same category as the above and a category falling under the user’s authorized segment)
The user gets the message as No Authorization which is an incorrect message since the user is authorized for this segment and hence the category under this segment.
Business expects to see the result in the same as the one above
Hope this clears the requirement.
Thanks for reading - Your help is highly appreciated !