Skip to Content
avatar image
Former Member

Prevent editing on some Queries

Hi everyone, I have a question about how to prevent BI developers (we have a group of 7 ppl) from editing some very important Queries in a BI development system.

I've been reading a little about BI Security and found a pair of Authorization Objects that can help on this task: S_RS_COMP & S_RS_COMP1.

Unfortunately the way Role Based Security works would make me create several entries for this Authorization Objects listing EACH AND EVERY query I want to PERMIT editing (ACTVT = 2) and leave out those that I don't want to allow.

Using this approach would require the modification of the role every time a Developer creates a new Query to include it in the restriction.

Another way to do this is using some naming convention in the queries that I don't want to permit editing. But, since these queries already existed and use the same naming standar of all queries, the list of queries I would have to copy and give a new technical name is HUGE!

JD

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Best Answer
    avatar image
    Former Member
    Jul 14, 2010 at 08:39 PM

    Junan,

    1. As said, You can restrict on queires names

    2. restrict on infocube, you have to link the application area to specific info area and infocube. (no need to change the queries names)

    3. On query Owner

    Thanks,

    Sri

    Edited by: sri on Jul 14, 2010 4:49 PM

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Junan,

      Is it possible to change the owner of a query after creation?

      Query owner means (Creator) authority to create queries to that particular application area.

      After creation it is not possble. System will thrown error if we do like that.

      Thanks,

      Sri

  • avatar image
    Former Member
    Jul 14, 2010 at 09:43 PM

    I am just throwing this idea:

    Group the Infoprovider/infocube... link to an infoset and assign it to a user group( for users/Owners ) and the users who need to execute the queries can be put in that group maintenance will be very minimum.

    you dont have to maintain security for every user/infoprovider if you can achieve the above.

    Edited by: Franklin Jayasim on Jul 14, 2010 11:44 PM

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Also from my understanding SAP allows the BI config/development team to change user groups for infosets.

      you dont have to do anything at the system user / role level.

      Edited by: Franklin Jayasim on Jul 15, 2010 12:42 AM