Skip to Content
author's profile photo Former Member
0
Former Member
Aug 10, 2005 at 08:22 PM

Authorization check without using variable of type u0093Authorizationu0094

38 Views

In WEB-reporting we want to authorize on a navigational attribute without using the variable of type

“ Authorization”. Why would we do this?

1. In a lot of queries we have to replace the existing variable of type “User entry” to a variable of type “Authorization”. We would like to avoid this work.

2. When the variable is not ready for input the Report will always include all the characteristic values for which the user is authorized. We don’s want this.

3. When the variable is ready for input on the selection screen all the authorized values are displayed and the user is able to select / deselect the values he/she wants to report. In case of a lot of authorized characteristic values the screen does not appear user-friendly.

What we want is a behavior like some parts of R/3. For example: Controlling Area X consists of the Costcenters C1000, C2000, C3000, C4000, C5000 and C6000. A particular user has authorization for Cost centers C1000, C3000 and C5000. When running a ABAP-report with Cosctcenters the user is able to select certain Costcenters. Three possibilities:

1. The user selects Costcenter C1000, C3000 and / or C5000: the ABAP reports the selected Costcenters.

2. The user selects Costcenter C2000, C4000 and / or C6000: the ABAP gives an error-message: “no authorization”.

3. The user does not select any Costcenters: the ABAP reads all the Costcenters and reports – on the basis of the users authorization – only Costcenters C1000, C3000 and C5000.

In term of BW: we would like to introduce authorizations for a specific InfoObject which is used as an navigational of an other InfoObject. In the queries a variable is used of the type “User entry”. The user can select one or more values on the selection screen; an authorization check is fulfilled. He may – however – choose to leave the selection field empty; in this case the OLAP processor should report only the authorized values (in our case the last situation results directly in an error-message “no authorization”).

Anyone has a suggestion?

Thx in advance,

Henk