I have been looking into a problem recently related to authorizations in the CRM WebShop.
Basically my requirement is such that I need to restrict the display, ability to order of a product in the product catalog for a given B2B user.
Having done some investigation I see that SAP have provided a standard role for the B2B sales order called
SAP_CRM_ECO_ISA_WU_B2B_ORDER (there are others). In this role there is an authorisation object called COM_PC_AUT which is described as "Authorisation object for Product Catalog Browsing".
However, looking at this object is seems only to be possible to restrict the display of prices, I also can't seem to find an alternative object that could be used to restrict the data as I wish. Reading the authorization object documentation it would suggest that this object is what is required...
COM_PC_AUT is the authorization object which should be used to grant Internet Users the access rights to different activities while browsing the product catalog in the E-Commerce Application.
With the field value settings of this object, it would be possible to restrict user activities in the product catalog.
For example: A user would be able to see prices in the product catalog, only if he has the relevant authorisation.
Does anyone have any idea how I could service this requirement or maybe extend this object in order to provide such support, I assume there would also need to be a degree of modification with the JSP in order that it took account of these authorizations when building the page.