Authorisation Variable
hi,
I have a Authorisation Variable which filters value accordingly in the Report.
I have created a authorisation variable with multiple single values.
For eg. we have 4 zones:-> A, B, C and D
There is a Global User which has a authorisation for A and B both. If i directly give this authorisation variable in filter it fetches both the zones data.
But let say he want to see only Zone A Data and NOT Zone B data.
What can be done to address this type of situation?
Hi Sachin,
both ways seem to be ok. Anups proposal, I guess, is to use the normal filter option in a query: First execute and then, in the executed query, just click on the characteristic and select the required filter value.
But I think The-Binhs option is better (-->faster!): Reduce the pre-selection from authorizations **before** query execution in the variable popup. You get the desired selection in the first execution step.
Regards,
Clemens
Similar Messages
-
Authorisation Variable throwing Internal Server Error - Java NullPointer Ex
Hi,
I've created an Authorisation Object on Service Organisation (0CRMSE_OG_R) and restricted it to a few values, assigned this to a role. On the BEx query, I've created a variable on Service Organisation of type Authorisation. When the report is executed on Web (Portal iView), the values for this Service Organisation variable are populated by default on the Variable Entry screen based on the Authorisation. On executing the report, it brings values based on the Authorisation.
All fine so far.
However, if on the Variable Screen when the user tries to select more values (or different values) for this Service Organisation by hitting the browse button, it throws Internal Server Error -- Java Null Pointer Exception.
I have a feeling that since it is an Authorisation Variable, it doesn't allow user to see any other values for which user is not authorised. However, should it not give a proper message instead of throwing an Null Pointer Exception?
Please advise...
Many thanks.
Regards,
Sri.Fail to make OCI connection Using JDeveloper
-
Authorisation variable using customer exit
Hi,
how to populate a authorisation object at runtime? is it possible to have a variable etc that can be populated a runtime?
I have a object zsales_off which has different values for different users. i need to create separate roles just to have different values for sales office for different users. i would like to avoid this by having a single role with the zsales_off getting populated at runtime.
please give details steps with code if possible?
i have created the authorisation variable and am using it in the query. if i manually assign values for sales office in the role, it is working fine.
i want to assign values at run time. i am confused with the process as such.
few specific doubts like:
1> the variable should be of "authorisation" processing type or "customer exit" processing type.
2>what to use I_step=0 or I_step =1? how to use? where to use?
3>to write a abap code or use a func module, which one? how to use.
4> what(value) to assign for the zsales_off object in the authorisation profile?
thank u in advance..Hi torsten,
thank you. but i am afraid it doesn't give me an idea as to how to move ahead?
i have variable with processing type "authorisation" used in many queries.
can i use the customer exit rsr0001 for this variable? what value should be assigned in the authorisatio profile for this object?
please give the detail process and a abap code if possible.
thank u -
BI 7 Upgrade - Problem with Authorisation Variable on Compounded Char
Dear All,
We have just upgraded our DEV environment from 3.5 to BI7 and have encountered a weird problem with 1 of our authorization variables.
Our authorization check variable checks the values from a table that the users are allowed to use (which includes the selection screen). There are 2 variables 1 for the uncompounded char and 1 for the compounded char, the uncompounded variable is working just fine but not the other. When the user tries to pick a value, they are presented with not just their restricted list but ALL the values.
Can anyone explain this? Has BI 7 changes the way authorizations work with Compounded Characteristics ?
Before anyone asks, these variables work just fine on 3.5 and are working just fine in our QA and PRD environments.
Help required urgently.
Thanks
CraigHi,
Yes authorisations in BI 7.0 are a bit different from the ones in BW 3.5. Here is the link which will help you know every thing in BI 7.0
bw 7.0
Regards,
Habeeb
Assign points if helpful. -
Populating a authorisation object at runtime...
Hi,
how to populate a authorisation object at runtime? is it possible to have a variable etc that can be populated a runtime?
I have a object zsales_off which has different values for different users. i need to create separate roles just to have different values for sales office for different users. i would like to avoid this by having a single role with the zsales_off getting populated at runtime.
Details steps with code will be appreciated.
thank you.Hello AHP,
i am not still very clear about the detailed steps to be carried out as i am a novice in abap.
i have created the authorisation variable and am using it in the query. if i manually assign values for sales office in the role, it is working fine.
i want to assign values at run time. i am confused with the process as such.
few doubts like:
1> the variable should be of "authorisation" processing type or "customer exit" processing type.
2>what to use I_step=0 or I_step =1? how to use? where to use?
3>to write a abap code or use a func module, which one? how to use.
any example(like in my case different sales office values for diffrent users) with DETAILED STEPS & CODE would be appreciated.
also i need to have multiple single values for each user(but not interval).
Please help. -
Understanding complex query with selections(customer exit variables)
Hi experts,
I am trying to understand one query having a combination of selections and BEx variables in it.
In Characteristic Restrictions panel of Query Designer:
we have some CHARs restricted by means of authorisation variables
In Default Values panel:
some other CHARs without any filters
In free CHARS panel
some characteristics
In Rows panel:
some more chars that were placed in Default values panel
In Columns panel:
Formula YTD on selection YTD
Formula Monthly on selection Monthly
Selection on YTD characteristic(hidden)
Selection on Monthly characteristic(hidden)
Selection XX(in definition,I saw selection on YTD Keyfigure and a characteristic variable VAR1(i-step=1) filled with customer exit..this variable picks up right version of Master Data...our system has many versions of master data,one for each year)
Selection YY(in definition,I saw selection on Monthly key figure and the same characteristic variable VAR1 we used in Selection XX)
When I execute this..I see one variable popup which asks for values for year and version of master data...I enter master data version for that year and the year....I see the result...
Now I tried to experiment to learn...I deleted Selection XX and Selection YY and tried to execute....a variable popup asking for year...I enter year and tried to execute..it throws message---'Value for variable VAR2 cannot be determined'......
I couldnot understand this error because VAR2 is a customer exit characteristic variable defined in CMOD...ITS NEVER USED IN THIS QUERY...but defined in CMOD to pick up correct version of Master data..its defined in such a way that it picks value depending upon VAR1 varaible....both variables function is same...its just that VAR1 works on i_step=1 and VAR2 works on i_step=2 plus dependent on VAR1....
Can anyone understand why I am seeing error about VAR2 when its never used in Query....??
Thanks for your inputs....Hi Vikram,
I am unable to find VAR2 anywhere in query designer....Can it be like that its hidden?
Thanks and Rgds,
SChand -
Changes to Variable in Customer exit
Hi Experts,
We have two variables in the ready for input query.
First Variable : Customer exit variable which gets populated based on user login details.
Second Variable: Input ready variable. The values will be populated depending on the first variable.
Suppose the user belongs to Sales Org India, the first variable will be populated in the back ground with value IND.
So the second variable(input ready) on sales hierarchy shows the available values only for INDIA in the format Region->State->city etc .
Now the problem is, even the user selects city in the second variable, the result set is being locked at the INDIA level . As a result the other users are not allowed to lock the data even if they select any other city.
Is it possible to delete value of the First variable in the customer exit after the user input the value for the second variable ?
I mean the Sales org should be set to empty after the user input to the second variable, so that the lock will apply at the region /city level .
Please let me know If I can provide any more information.
Thanks and regards,
Babu vHello,
Pl see if you can use first variable as authorisation variable
and second variable as i_step =2 as follows
INCLUDE ZXRSRU01 *
Enhancement: MultiProvider using InfoProvider Variable
include YBW_INFOPROVIDER_VARIABLE.
*& Include YBW_INFOPROVIDER_VARIABLE *
DATA:
ls_var TYPE rrs0_s_var_range,
ls_range TYPE rsr_s_rangesid,
l_contained TYPE c,
ls_mapping TYPE ybw_mapping,
lt_mapping TYPE TABLE OF ybw_mapping.
Called after variable popup
IF i_step = 2 AND i_vnam = 'INFOPROV'.
- 13 -
Read mapping table
REFRESH lt_mapping.
SELECT * FROM ybw_mapping INTO TABLE lt_mapping.
Process all selection for country variable
REFRESH e_t_range.
LOOP AT i_t_var_range INTO ls_var WHERE vnam = 'S_COUNT'.
Process all mapping rules
LOOP AT lt_mapping INTO ls_mapping.
Always fill LOW and HIGH, Otherwise logic below will not work
IF ls_mapping-high IS INITIAL.
ls_mapping-high = ls_mapping-low.
ENDIF.
Check if selection is contained in the defined InfoProvider
CLEAR l_contained.
CASE ls_var-opt.
WHEN 'EQ'.
IF ls_var-low BETWEEN ls_mapping-low AND ls_mapping-high.
l_contained = 'X'.
ENDIF.
WHEN 'BT'.
IF ls_var-low <= ls_mapping-high AND
ls_var-high => ls_mapping-low.
l_contained = 'X'.
ENDIF.
ENDCASE.
Add InfoProvider to return table
Note: Use COLLECT to avoid duplicates
IF l_contained = 'X'.
CLEAR ls_range.
ls_range-sign = 'I'.
ls_range-opt = 'EQ'.
ls_range-low = ls_mapping-infoprov.
COLLECT ls_range INTO e_t_range.
ENDIF.
ENDLOOP. " lt_mapping
ENDLOOP. " i_t_var_range
EXIT.
ENDIF.
Thanks and regards -
Variable in ''Name of Variable(Input Only Using F4).' for variant attribute
Hi All,
I Have a small problem with saving variant.
I am trying to save the Variant.In the varaint Attributes we have a field 'Name of Variable(Input Only Using F4).
I have created the PID 'XUS' in SU3.But i am not able to to view the variable in ''Name of Variable(Input Only Using F4).'.
Anybody please let me know how to make it.
Thanks,Please follow the below steps to restrict the user to access 2 company codes,
1)Mark the IO(Company code) Authorization relavent and activate it.In the IO Business Explorer tab check the Authorization relavent check box.
2)Go to T-code RSECADMIN -Under Maintainance -Enter the name of Authorization Object an click on create Authorization.Insert the IO and also SAP recomended Objects 1.0TCAACTVT, 2.0TCAIPROV and 3.0TCAVALID.
Maintain the values for these objects.Select the company code and click on details.
3)T-code RSU01-Enter the name of the user to be assigned with the authorization object and click the change button.The select the relevant authorization object and save.
4)Create Authorisation Variable in Query Designer Create an Authorization Variable - Variable with Processing by Authorisation in Query Designer as Below for Sales Organisation
Note : Also include all Authorisation Relevant Objects which are used in that infoprovider in addition to the above additional 3 objects otherwise you may get "No Authorisation" error when you execute the query.
Note : 0BI_ALL is the authorization object to access all the info objects which are authorization relevant.
Reagrds,
Ramitha -
Code (ABAP) for the Customer Exit Variable (CMOD)
Scenario
An employee can purchase any no of policies in a day or month.each policy will have start date and expiry date.
My requirment
Count all the policies(valid) by employee on a ranges basis exception reporting
(0-10;10-20;20-30;30-40) and then able to drill down by policy start date and expiry date.
As per the requirment is to show policies that employee had with in the give date intreval which are not yet expired (active) i need to write a condition that will count only policies whose Expiry date is > Current calender day
As Policy Expiry Date is a char i am converting it to KF using fourmala variable so that i can write a condition on it using current cal day formula variable sap exit
Requirment:
Need a code for SAP exit variable which will meet the following requirment
There are the following 2 variables in the query
1) A variable (User Input)(Date Range) on Policy Start Date and
2) Authorisation Variable which is based on Authorisation Object(Analysis Authorisations)
I need a SAP Exit variable (CMOD) that will
BAsed on the user entered Policy Start date it has to pick all the policy exiry date of the policies and display all the policies whose expiry date is greate than Sy Date (Current Date) and also if Policy Expiry Date is blank or # it has to display
Arun supplied me with the below code...but i think it doesn't include blank expiry date or #...as i am new to ABAP please update me with releavent code
Policy Start Date : ZPST_DTE
Policy Expiry Date: ZPSP_DTE
Variable (Type:Customer Exit) on Expiry Date: ZEEXP_DTE
Arun's Code:
IF I_STEP = 1.
CASE V_NAME
WHEN 'X' " X is the variable u created for the exit
l_s_range-low = SY-DATUM.
l_s_range-opt = 'I'.
l_s_range-sign = 'GT'.
APPEND l_s_range TO e_t_range.
END CASE.
Please modify above code to include Blank or # values of Expiry Date
Thanks Arun
Please ask if you need further info as this is urgent
ThanksHi Arun,
Thanks for the help...will definetly assign points
(Closed the previous thread)
Please spare bit of ur time as this is my first ABAP Code
Can i include 2 restrictions..# and Variable (Customer Exit)...But how can i include Records with Blank Values
As the data from Source system the expiry date is filled up with either Date or # or Blank...my requiorment is to include all 3 and
Question:
As there are 2 other variables defined ..one on Policy Start Date (User input date intreval) and Location (Authorization Variable..Analysis Authorisations)...Do i need to change I_STEP in the code
(Req: Reports shows all the(still valid) policies emp has purchased between 2 give date (Variable on Policy Start date)
IF I_STEP = 1.
CASE V_NAME
WHEN 'X' " X is the variable u created for the exit
l_s_range-low = SY-DATUM.
l_s_range-opt = 'I'.
l_s_range-sign = 'GT'.
APPEND l_s_range TO e_t_range.
END CASE. -
Error with authorisation in planning function, URGENT!
Hello,
the following error occurs in our BPS Q system:
we have an authorisation variable for different BPS functions (projection and medium-term planning), which has to guarantee that all authorised sales types will be displayed and not only these restricted in the planning folder.
This variable doesn't work correct only in ta. BPS0, i.e. it draws all sales types and not only the authorised.
It also displays an error with message no. UPC302: "Errors occurred when executing planning function ZIPF079/ZIPG079" and when executing the autorisation check log in ta. RSSM it is noticeable that program UPB_PM_START is used instead of UPB_PM_CUST_START.
Any ideas about the reason for this error?
Any help is appreciated,
regards, Martin LehmannHello CSM reddy,
you are right, one infocube in the multi area wasn't adjusted to "authorisation relevant". A colleague of mine found this out.
Thanks,
Martin Lehmann -
Many different user authorisation while query runtime
Hello experts,
I've got a request for a query authorization where about 100 people needs to have a different view of a query result and I'm not sure what way I have to go.
There is Bex Query (SAP BW3.5) which contains the IO 0bp_respper and a key figure which gives you the number of activities back.
The requirement is that about 100 users can have access but they are not allowed to see all 0bp_respper.
One user can see the details of 0bp_respper (1,2,3), the next user is allowed see the details of 0bp_respper (30,76,55,60) and so on. And some are allowed to see all 0bp_respper.
You see that I actually would need in worst case 100 roles. Within the query I would use the authorisation variable to read the athorisation at runtime from each user profile.
It seems, and pls correct me if I'm wrong, that the authorisation variable is only feasible as long as the different combinations behind the authorisation check is manageable. (less than 10)
There is also the option to use exit variable at runtime. Should I rather use that one and do some coding. But in this case I would need a seperate table to define each users rights for 0bp_respper, or not?!
Or do u have another idea to implement the requirement?
thanks for ur help
MichaelA good way to check this out would be to do a 10053 trace.
Try this:
connect user1/pwd@whateverdb
alter session set events '10053 trace name context forever, level 1';
<run query here>
connect user1/pwd@whateverdb
alter session set events '10053 trace name context forever, level 1';
<run query here>
exit;
Now compare the trace files to see what the CBO is doing differently. Pay particular attention to the optimizer parameters at the beginning of the trace file. Are all the values the same?
-Mark -
Hi
Ok I have looked through previous posts and nto quite found the answer
We are implementing the new authorisations in BW and we have done the following:
1: Made 0profitcenter authorisation relevant along with the special characteristics:
0TCAACTVT
0TCAIPROV
0TCAVALID
2: Creat Analysis Authorization (eg: IT) by executing transaction code RSECADMIN
3: Inserted the InfoObject 0profitcenter and given it a required value (95595 for example) and operator "EQ" (single value).
4. In PFCG created a role Z_USER_PC_95595
5: Put in authorization object S_RS_AUTH and added the IT analysis authorisation saved and generated
No when we exectue the report we get an non auhtorisation issue on subselection.
I ahve solved it by created a variable in the report on profit centre and selection it as an authorisation variable so the value 95595 for profit centre gets automatically filled.
The report now works.
HOWEVER,
Do I always need to create the variable in the report to compliment the work in PFCG and RSECADM or is there a way to do this without the variable so the restriction is automatic and not visible to the user???
If i do not need to create the authorisation variable then what other way is ther? Please give detailed steps
RegardsHi there.
Here's some answers:
Do I always need to create the variable in the report to compliment the work in PFCG and RSECADM or is there a way to do this without the variable so the restriction is automatic and not visible to the user???
To automatically fill the values in the query by those the user has authorization you have to use variables. This is because when you're executing the query you have in there the profit center, the system doesn't know what values the user is executing has authorization and tries to send them all. After this the system checks all those values with the user authorization and fails if it don't find a match. So you have to use a variable to filter the values.
Now you could create several types of variables.
An authorization variable ready for input. This variable will automatically fill the values the user has authorization but allows the user to see those values and change those values. Imagine the user has authorization for 100 types of profit center. By default the system would fill those 100 profit centers, but the user could change those 100 to only 1 or 2.
An authorization variable not ready for input. In this case the system would automatically fill the values the user is authorized for but won't let the user see or change those values. This is good if you want transparency in your authorization. The user doesn't even has to know he/she will be checked for that authorization. In this case the system would always execute the query with authorization since all the values the user is authorized are always filled. You can put this characteristic with the variable in the filter or in the free char.
A normal variable, ready for input. In this case you allow the user to enter the values but don't pre fill them. You let the user insert whatever he/she wants. Off course in this case the user could insert an amount of values he/she is authorized and not, and the system will validate all of them. If the system encounters any value the user is not authorized will prompt an lack of authorization message if not it would execute the query just fine.
Diogo. -
":" in analysis authorisation objects
Hi,
We made 0DEPARTMENT as authorisation relevant.
In one of our Analysis Authorisation Objects(Rsecadmin) Settings for 0DETARTMENT IS = :
What exactly ":" represents
Thanks in advanceHi,
The colon( value is used in BW to authorise display of aggregates. If you are using company code in the free characteristics and do not restrict on it to authorised values, you need to maintain : for it. Once you drill down on it (or equivalently put it in the rows) you need the actual values to be maintained in the authorisations as well.
Have you investigated the use of authorisation variables? You can maintain the values 1000 and 3000 in the authorisation and restrict the characteristic with an authorisation variable. This will ensure that the query is run for only the authorised values. This will work irrespective of whether you use company code in the rows or free characteristics.
Thanks,
Venkat -
A formula with a formula variable with a replacement path delivers X
A formula with a formula variable with a replacement path delivers X as a result if the characteristic of the replacement is not in the drilldown
I have Created on ( date ) on which I have a Formula variable . I have used that Formula Variable in my calculated Key figure .
Now the Problem is If I use Created on in ROW , The calculated key figure works . But if I don't use in Row , The calculated Key figure shows X . Situation is Users don't want to see Created on in ROW .
If I use in row and hide also , then number of Records will be same .
Pls guide me what shoud I do .
Is this problem related to support pack .hi
i would like to know how to create the replacement path and authorisation variables.
what are the steps we need to follow in rsa1.
Edited by: vasu reddy on Apr 9, 2008 11:28 AM -
Collom formula with a variable
Hi everybody,
i am working with Hyperion Reporting Studio and need your help.
I need to create a formula in a Grid looking like this:
Eval(([2,Y]/[9,AA])*100000)
Now i need to copy this formula to the whole grid, which meens 200 rows.
The second cell [9,AA] is fix and should not change.
But the first cell needs to be variable. It should refer to the row number.
For example:
ROW 2: Eval(([2,Y]/[9,AA])*100000)
ROW 3: Eval(([3,Y]/[9,AA])*100000)
ROW 4: Eval(([4,Y]/[9,AA])*100000)
and so on...
How can i put a variable for the row number?
Thank a lot
Eddyhi
i would like to know how to create the replacement path and authorisation variables.
what are the steps we need to follow in rsa1.
Edited by: vasu reddy on Apr 9, 2008 11:28 AM
Maybe you are looking for
-
I have lost some (lots) of the contrast since trying to install MAVERICK, please help, thank you
-
Migration Oracle 11.5.10.2 on LINUX..Printer Setup
Hi there We are in the middle of migration of Oracle 11i (11.5.10.2) From UNIX to LINUX, The DBA setup printer on UNIX and they all are working fine , and the same printer DBA setup for LINUX, and users are able to print reports on the same printer,
-
Hello, Was searching for an answer but can't find any answers. Personally, I have VZW with iphone 4 and my upgrade isn't until next year March. Want to get iphone 5 so bad. At our office we use the Droid Incredible that my workplace pays for the p
-
SERVICE BATTERY ON MACBOOK PRO 13" MID2010
I replaced the battery on my MACBOOKPRO 13" with an OEM battery but the battery indicator still says "Service Battery". I did an SMC reset and nothing happened. I tried to restart and the message is still there. It is charging just fine and holds the
-
Need help please programs to stop DDOS attacks
hi all sorry if this is off topic but i play jedi knight jedi academy multiplayer and my server and my internet connection, or my i.p i'm not sure which or if it's both but i'm being DDOSed. is there a way to stop my connection/i.p from being attacke