Skip to Content
avatar image
Former Member

Material Master (MM01/MM02) Field Level Security

I have the Views (M_MATE_STA) segregated per departments in my Roles.

I also have the few fields suppressed & Display-Only for MM01 & MM02 (OMS9). However the 'Field Level Restrictions', as you know, are at the transaction level. Thus, they apply to all the users.

I have a requirement to restrict few fields (MM01 & MM02) to Display Only for 'Complaince Team' & supress few fields for the 'Engineering Team' in the same 'Basic Data' view.

How do I do this ?

Thanks

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

4 Answers

  • Best Answer
    avatar image
    Former Member
    Jul 01, 2010 at 10:52 PM

    Hi Prasanth,

    I have a requirement to restrict few fields (MM01 & MM02) to Display Only for 'Complaince Team' & supress few fields for the 'Engineering Team' in the same 'Basic Data' view.

    How do I do this ?

    In this case you have build two roles, one is for dispaly access for MM01 & MM02 - this goes for complaince team

    Second role for supress few fields for the 'Engineering Team' in the same 'Basic Data' view for MM01 & MM02

    As you can't restrict both in the same role.

    Thanks

    Sri

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jul 01, 2010 at 10:24 PM

    What you need to do is plan a hierarchial approach to build this role

    the conflicts could arise between authoirization object and organizational level values

    Create roles if its a value to be populated only at authorization object level

    Level 1 highest authorization values let us say 1,2,3,4,5,6,7,8

    Level 2 .............................. values let us say 1,2,3,4,5,

    Level 3 .......................... values let us say 1,2,

    in the above case you will have to build three different roles.

    In case you have this value to be filled as Organization level

    Then build a parent role and derive three times and insert the required values.

    Lastly if you have both authorization object and organization level

    build three different role for the same but maintain the hierarchial pattern of values for each role at both authorization object and

    organizational levels.

    Edited by: Franklin Jayasim on Jul 2, 2010 12:25 AM

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jul 02, 2010 at 08:39 AM

    Hi Prashanth,

    I suppose your question deserves more thought than of creating a display role and a modify role.

    If you have the time and patience try reading earlier posts that could be similar

    here is one:[limit-mm01-according-to-field-division-spart-in-ge]

    Add comment
    10|10000 characters needed characters exceeded

  • Jul 02, 2010 at 12:49 PM

    Hi Prashanth

    There are lots of good points flying around on these posts, while you can restrict at field level, you really need to work out if you should go down this route which will likely require development effort.

    As I mentioned before, personally I would strongly consider the approach recommended by Sri & Franklin unless there is a concrete business need for further selective restrictions.

    Let us know how you get on

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi All,

      we have solution for this with a BADI BADI_MAT_F_SPEC_SEL, you can check OSS Note 746875 for more details with user Authorization group we can control.