Skip to Content
avatar image
Former Member

authorisation object for property tree in CG02

Dear All,

in CG02 we need to restrict the authorisation to display property trees, so that user can only see certain property tree. Which authorisation object can I use?

I have one solution, which is not optimal: go to IMG -> Environment, Health and Safety -> Basic Data and Tools -> Specification Management -> Specification Database Structure -> Settings for Value Assignment -> set up property trees,

and copy the value assignment types which belong to the property tree we need into the authorisation object C_SHES_TVH.

But is there any authorisation object with which we don't need to put in all value assignment types but only the property tree directly?

Thank you very much in advance.

Regards

Christina

Edited by: Christina H. on Nov 16, 2010 10:28 AM

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • Best Answer
    Nov 18, 2010 at 08:05 PM

    Hello Christina

    I am sorry to say: to my knowledge no such authorization object is available. But I am not quite sure regarding your demand and what you belive to "get":

    1.) a property tree (together with the nodes) is only a "useful "tool" to show you there is data maintained; you can not "hide" property trees for a user (it is to my knowledge always possibkle for the user to display any property tree which is related to spec cat (REAL_SUB) and to switch between them but:

    2.) if data is maintained in one property and if you have enough access rights (C_SHES_TCVH is here the correct object) you will see the green flag indicatin that some data has been maintained; if you have not the correct access right no "green" flag is displayed

    3.) Now within one property you have a number of chances to reduces data records (so that they are displayd or maintained) by assigning further access rights (different access object !) Here the "natural" EH&S technique is to usage the "Usage" (combination of rating with validity area). Example:;

    a.) The access concept begins in some sense from "top down". First you auhtorize the user if or if not the substance itself can be "displayed" (search for etc.) by using the substance authorization group. Now you have options to "hide" (etc.) identifiers (using other auhroization objects)

    b.) now you can grant access rights to a property (display of data records maintainjd in the property)

    c.) and on the next level you cna grant that the user can display any data record independent of usage or by specificng usages

    The access concept in EH&S is "quite" complex in some sense and since EH&S 2.7 more objects are available (Status; Inheritance; restriction etc. etc.)

    I hope that this helps

    With best regards

    C.B.

    PS: I does not make sense to my to prepare a second "density" in the system. The access rights are (can be) prepared by value assignment type. In principle you could use the SAP original one of density and prepare a further customer specific value assignment (having a different mnemonic) and then you could differentiate regarding access righs => but this is really not the option which I would use in EH&S

    PPS: I have done a further inquiry in the web and I have found this http link:

    http://www.se80.co.uk/sapreports/c/cbui/cbui11.htm

    and

    http://saphelp.hcc.uni-magdeburg.de/ecc_500/helpdata/DE/e5/2c0b42ed755f24e10000000a1550b0/Chap_25_EHS.pdf (page 6).

    So I believe the available authorization objects in EH&S starts with technical key: C_SHES*

    Furtheremore:

    http://help.sap.com/saphelp_45b/helpdata/en/41/194b6e5733d1118b3f0060b03ca329/frameset.htm (quite old !!)

    Edited by: Christoph Bergemann on Nov 18, 2010 9:06 PM

    Edited by: Christoph Bergemann on Nov 18, 2010 9:08 PM

    Edited by: Christoph Bergemann on Nov 20, 2010 7:46 PM

    Edited by: Christoph Bergemann on Nov 20, 2010 7:53 PM

    Add comment
    10|10000 characters needed characters exceeded