Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Restriction for table maintainence

Former Member

‎03-19-2010 5:56 AM

0 Kudos

Hello Gurus,

I am working on a SLO project, where i had merged 5 source systems to one system.

In few roles in source systems for table maintainence the authorization groups is maintained as '*' in production.

In source systems if they maintain * they would be able to display/change the data related to that system only.

But now in target system , if we maintain * in authorization group they are able to display/change the data related to all the 5 systems.

This need to restricted, Please provide some pointers on how this can be done.

This restriction should be in such a way that they should be able to change data related to the system they belong to .

Thanks,

Sanketh.

5 REPLIES 5

Former Member

‎03-19-2010 7:12 AM

0 Kudos

In target maintain particular authrization group they need to change or display.

Thanks,

prasant K paichha

Former Member
In response to Former Member

‎03-19-2010 7:57 AM

0 Kudos

Thanks for the reply prashanth.

But , suppose consider users are maintaining table T001B. ( they are maintaining it through parameter transactions).

as it is a standard table it has been assigned to same authorization group in both source and target systems.

In source system , user is able to view data related only that system.

But in target system user is able to view other system data also.

How can i restrict this data ?

Thanks,

Sanketh.

Former Member
In response to Former Member

‎03-19-2010 8:08 AM

0 Kudos

Create Auth group, associate Table with authgroup, as standard auth group will be same accross diffrent system and can be easily accessed from system.

Thanks,

prasant k paichha

Former Member
In response to Former Member

‎03-20-2010 3:34 PM

0 Kudos

> 

> Thanks for the reply prashanth.
> 
> But , suppose consider users are maintaining table T001B. ( they are maintaining it through parameter transactions).
> as it is a standard table it has been assigned to same authorization group in both source and target systems.
> In source system , user is able to view data related only that system.
> But in target system user is able to view other system data also.
> 
> How can i restrict this data ?
> 
> Thanks,
> Sanketh.

Hi Sanketh,

I hope you are progressing with your SLO task. Once you have finished this project, most things will be simple in comparison

Unfortunately your requirement is not a simple one

You could use line item auths (nasty to set up IMO). Have a search for info on auth object S_TABU_LIN

Alternatively you could introduce auth checks on key auth fields (e.g. BUKRS, WERKS etc) into the method that you use to display table data. This would likely require new transactions with validation code that is performed before data is displayed or limits what can be updated. Another messy approach would be to use parameter transactions that pass in an org unit into the table selection criteria. You would need one for each org unit so will likely not be practicable.

What I would say is that focus on what is legally required. If none of it is required by law then focus on getting the rest of your consolidation done first and then address this in partnership with your project development team.

Former Member

‎03-23-2010 5:49 AM

0 Kudos

Thanks for all your replies.