HCM Authorization - Creation of separate Roles & Objects

Hi All,
We are developing an authorisation matrix and have the following doubt:
The scenario is:
- There are around 130 HR users, who can be classified into 10 unique groups.
- Each user handles from 4 - 8 locations, where locations are not part of PSA but are captured through the VDSK1 feature, and the details are stored in Organisation Keys
- OM, PA, PE, PD modules along with ESS, with a few custom transactions and workflows developed.
My proposed solution is:
1. Create 10 Roles only with tcodes (Trn_Roles_Grp_01 to Trn_Roles_Grp_10)
2. Create 130 Roles without tcodes, but with objects authorisations (Obj_Roles_001 to Obj_Roles_130)
3. For each user, assign relevant Trn_Role & Obj_Role
Will this solution work? Any better suggestions are welcome...
Thanks & Regards,
Vijay

Hi,
Your solution will work, but you will have 140 roles. That is too many for 130 users.
I suggest you use structural authorizations to drive the scope of access by organization structure rather than enterprise structure. This will reduce the number of PA roles, but increase the number of structural roles. However, it will be a more consistent approach, as you will drive access to functionality by PA roles and organizational scope by OM roles.
Cheers

Similar Messages

  • Prevent creation of additional common objects at the  same time ...

    Context: A Super User group may require to be allowed to create and/or change queries in Production
    Would it be possible to prevent creation of additional common objects like restricted and calculated key figures and variables while at the same time allowing creation of queries in terms of dragging and dropping filters, free characteristics, rows and columns?
    I know that by keeping the system closed to changes and using the transport connection Object Changeability it is possible to restrict change of query elements to those that are original in the system.
    Points will be awarded.
    Thanks
    Mathew.

    In transport connection Object Changeability, you can only set query elements as modifiable, but you can't distinguish between different query elements (queries, calculated/restricted key figures, structures, etc).
    You can make that distinction in the authorization object in rs_comp and rs_comp1.
    You should combine transport connection Object Changeability and authorization objects in roles.

  • Structural authorization - creation of employee number in webdynpro or abap

    Hello Experts,
    We are facing some problems with the combination of structural authorizations and the creation of a new employee.
    When we use PA40 to create a new employee this does not give any problem.
    In the webdynpro we first execute a call transaction PA40 to apply infotype 0000 and 0001. This works well.
    Except that the call transaction does not set the connection between PA and OM. (so we did program this ourselves)
    In PO13 and the table HRP1001 the same relations are made as when we use PA40 in the sap gui.
    After this we do call transactions PA30 for the next infotypes.
    When we check the SU53 it gives a message: problems with structural authorizations object P (with the employeenumber) starting at 01.01.1800, enddate is empty.
    The employee is manager and connected with his userid in infotype 0105.
    We use in the structural profile the function module  RH_GET_MANAGER_ASSIGNMENT
    We checked with transaction HRHAUTH.
    User has been adjusted to the tables T77UA etc.
    We do not use workflow in this webdynpro
    We used the trace function when this was executed, but it did not give more information about missing structural authorizations.
    This issue was on SDN before (Structural authorization - creation of employee number) but unfortunately there was no solution there for the issue!
    Hope one of you can help me to find the solution!
    With kind regards,
    Rita Mensink

    Hi.
    After 2½ days of frustration I finally nailed this.
    Function group RHAC, that handles the authority checks, initially buffers a table called VIEW containing all objects available for the user. As stated earlier in this conversation, SAP handles creation of relations in HRP1001 (links PA and OM). At this point the new employee number is appended to buffered table VIEW in function group RHAC.
    When executing the PA40 activity through CALL TRANSACTION, the creation of the relations is not handled - and the same goes for updating the buffered table VIEW. The table can be updated using the function module RH_VIEW_ENTRY_INSERT from the same function group:
    This example might be useful:
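      " lv_pernr (new personnel number) and lv_ny_objid (position ID)
      " are expected to be set by the calling program.
      data: ls_view_entry type hrview,
            ls_related_object type hrobject.
      " Entry for the new person (object type P) in plan version 01.
      ls_view_entry-plvar = '01'.
      ls_view_entry-otype = 'P'.
      ls_view_entry-objid = lv_pernr.
      ls_view_entry-begda = '18000101'.
      ls_view_entry-endda = '99991231'.
      ls_view_entry-maint = 'X'.
      " Position (object type S) that the person is related to.
      ls_related_object-plvar = '01'.
      ls_related_object-otype = 'S'.
      ls_related_object-objid = lv_ny_objid.
      " Append the entry to the buffered table VIEW of function group RHAC.
      call function 'RH_VIEW_ENTRY_INSERT'
        exporting
          view_entry     = ls_view_entry
          related_object = ls_related_object.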
    Best regards
    Poul Steen Hansen
    Senior Technical Consultant
    EDB Consulting Group A/S, Denmark

  • How to create authorization in BI 7.0 objects

    Dear Friends,
    How do I create authorization in BI 7.0 objects? Please, can anybody help? This is more helpful for me.
    Regards
    Ramana

    Give the user name to whom you have to give the authorizations.
    Maintain the user; then you can see the Roles tab, where you can assign the roles for the user.
    For these roles you can assign the authorization objects. When you double-click on the roles you get the maintenance of the role, where you can edit or give the authorization objects for that role.
    Some examples of the authorization objects are:
    S_RS_ADMWB (Datawarehouse workbench-objects), S_RS_IOBJ (Datawarehouse workbench-Infoobject), S_RS_DS (Datawarehouse workbench-DataSource for release greater than 3.X), S_RS_DTP (Datawarehouse workbench-DTP's) etc.
    You can edit these authorization objects, like providing them display or create or modifying authorizations.
    Go through the link below:
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/659fa0a2-0a01-0010-b39c-8f92b19fbfea

  • Authorization Creation

    Hi All
    I've an ABAP program which is being used for loading the file from the workstation to the application server and triggers the process chain. In the ABAP coding, I need to select the application area and eventid; this is maintained in a separate infoobject. The application area is basically based on different workstreams like Finance, Manufacturing etc.
    When the user runs the ABAP program, say for example, if that particular user is assigned to Finance, when selecting the file, he needs to see only Finance-related eventids. Is it possible to set authorization objects on info objects and restrict it to the users in ABAP coding?
    If yes, please send me the details of how to do it.
    I'll assign points for it.
    Regards
    Dinesh,

    Hi Dinesh,
    In BW we don't have Tcode-based authorization, hence we cannot do as we do in R3 (restriction of Tcodes other than his module).
    Here we provide authorization with the help of roles. In these roles we can restrict the user to a specific info object/data target/info source/query/workbook and so on, as per need.
    Hence what you can do is restrict users by the info sources/info cubes which are relevant for them for reporting.
    Say a finance person shall be authorised to change/display only FI info sources or info cubes and not SD or MM, as per the scenario.
    Procedure:
    1. Make the info object auth-relevant by putting a cross in the check box provided in info object maintenance.
    2. Go to RSSM.
    3. Choose the auth object name.
    4. Select the required info object for the list.
    5. If you want to restrict this object for a particular data target, then choose that also from below.
    6. Check that you have used the info object and data target (you can also provide auth for hierarchy and hierarchy nodes).
    7. Now go to PFCG and create a new role or use an existing one which your user is having in his ID.
    8. Manually add that object in his auth object list and restrict accordingly; you can check here for other objects (e.g. cube and info source) if you want to edit them.
    9. Generate this and go back, put the user ID in the column on the User tab and press User Comparison.
    10. Finally save and exit.
    This way you do this; it also depends on your requirements how you want to authorize a person for activities.
    Hope it helps.
    Write for more help if needed.
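
    For the ABAP side of the question above, a sketch of a per-area check with AUTHORITY-CHECK. This is an added example, not code from the thread: the authorization object ZBW_APPAR with fields ZAPPAREA and ACTVT is hypothetical, and the event rows are constructed sample data standing in for the InfoObject contents.

```abap
REPORT z_event_by_area.

* ZBW_APPAR and its field ZAPPAREA are hypothetical; such an object
* would be defined in SU21 and granted per workstream in PFCG.
TYPES: BEGIN OF ty_event,
         apparea TYPE c LENGTH 10,
         eventid TYPE c LENGTH 32,
       END OF ty_event.

DATA: lt_events  TYPE STANDARD TABLE OF ty_event WITH DEFAULT KEY,
      lt_allowed TYPE STANDARD TABLE OF ty_event WITH DEFAULT KEY,
      ls_event   TYPE ty_event.

PARAMETERS p_event TYPE c LENGTH 32.

START-OF-SELECTION.
* Constructed rows standing in for the InfoObject master data.
  ls_event-apparea = 'FIN'.
  ls_event-eventid = 'Z_FIN_LOAD'.
  APPEND ls_event TO lt_events.
  ls_event-apparea = 'MFG'.
  ls_event-eventid = 'Z_MFG_LOAD'.
  APPEND ls_event TO lt_events.

* Keep only the areas the current user may execute (ACTVT 16).
  LOOP AT lt_events INTO ls_event.
    AUTHORITY-CHECK OBJECT 'ZBW_APPAR'
      ID 'ZAPPAREA' FIELD ls_event-apparea
      ID 'ACTVT'    FIELD '16'.
    IF sy-subrc = 0.
      APPEND ls_event TO lt_allowed.
    ENDIF.
  ENDLOOP.

* Enforce on the chosen value as well: filtering a value list alone
* does not stop a user from typing another area's event ID.
  READ TABLE lt_allowed INTO ls_event WITH KEY eventid = p_event.
  IF sy-subrc <> 0.
    MESSAGE 'Not authorized for this event ID' TYPE 'E'.
  ENDIF.

  WRITE: / 'Authorized event:', ls_event-eventid.
```

    The same check belongs immediately before the process chain is triggered, so the restriction holds even if the selection screen is bypassed.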

  • Doubt in creation of a new object

    Hi All,
    I have one doubt in creation of a new object. If a new object is to be created and it is not a subtype of any existing object, then what should we enter in the Program field for creating the object?
    I hope I am clear with my question.
    Thanks in Advance,
    Saket.

    Hi Saket,
    The following will be required for creating a custom business object.
    1. Object Type - ZTEST (Internal Technical Key)
    2. Object Name - ZTESTNAME (Technical Key Name)
    3. Name - TEST (Name of BO, it is used while selecting the object type)
    4. Description - (Short Description of BO)
    5. Program - ZTESTPROGRAM (ABAP program in which the methods of the object type are implemented)
    6. Application - A or B.. etc (Area to which your BO is related)
    Please remember that you can learn these basic things by giving F1 help on those fields and in HELP.SAP.COM.
    Regards,
    Gautham Paspala

  • Need procedure for creation of BW Roles, Assigning Queries,Publishing Roles

    Hi Experts,
      Could you please let me know the procedure for creation of BW Roles, Assigning Queries, Publishing Roles in Business Explorer (BEx - BW 3.5)?
    Thanks in advance,
    Andy

    Hi,
    Creating BW Roles
    http://help.sap.com/saphelp_nw04/helpdata/en/52/6714b6439b11d1896f0000e8322d00/frameset.htm
    Assigning Queries
    After creating the query, save the query to a role from the query designer.
    Publishing Roles in Business Explorer
    https://websmp101.sap-ag.de/~sapdownload/011000358700002894802003E/HowToBIPortal1.pdf
    Hope this helps you..!
    -Pradnya

  • A query with respect to creation of the  shared Objects.

    Hi ,
    I am having a query with respect to creation of the shared Objects.
    I have seen an example where the author is creating a Shared Object as shown below:
    SharedObj = null;
    sharedObj = SharedObject.getLocal("myTasks");
    and there is nothing related to the word "myTasks" anywhere in the application.
    Can anybody please let me know what this word "myTasks" means here?
    Thanks in advance.

    hi,
    With a shared object it will create one if it doesn't exist, so "myTasks" will become the shared object name or if it exists it will load any objects that are within that shared object.
    Below is a simple example that uses sharedobjects to store login details.
    http://gumbo.flashhub.net/login/
    David

  • Confused about creation of inner class object of a generic class

    Trying to compile the code below I get three different diagnostic messages using various compilers: javac 1.5, javac 1.6 and Eclipse compiler. (On Mac OS X).
    class A<T> {
        class Nested {}
    }
    public class UsesA <P extends A<?>> {
        P pRef;
        A<?>.Nested  f() {
            return pRef.new Nested();  // warning/error here
        }
    }
    Javac 1.5 outputs "UsesA.java:11: warning: [unchecked] unchecked conversion" warning, which is quite understandable. Javac 1.6 outputs an error message "UsesA.java:11: cannot select from a type variable", which I don't really understand, and finally the Eclipse compiler gives no warning or error message at all. My question is, which compiler is right? And what does the message "cannot select from a type variable" mean? "pRef", in the above code, is of a bounded type; why is the creation of an inner object not allowed?
    Next, if I change the type of "pRef" to be A<?>, javac 1.6 accepts the code with no error or warning message, while javac 1.5 gives an error message "UsesA.java:11: incompatible types" (concerning the return from "f" above). Similarly to javac 1.6, the Eclipse compiler issues no error message. So, is there something that has changed about generics in Java between versions 5 and 6 of the language?
    Thanks very much for any help

    Checking bugs.sun.com, it seems to be a bug:
    http://bugs.sun.com/view_bug.do?bug_id=6569404

  • Convert multiple layers into separate smart objects

    I have multiple layers in a document that I want to make into separate smart objects.
    If I select them and choose "convert to smart object" in the Layers Panel fly out, it flattens the layers into 1 smart object.
    Can it be done, or do I need to make each layer a smart object one at a time.
    OR... let me back up
    I have several files in Bridge, I want to "load into Photoshop layers" using the TOOLS > Batch Command BUT have each file load as a smart object.
    Either way would be great!

    While these don't use the batch command, take a look at
    from within photoshop, File>Scripts>Load Files into Stack.
    For bridge try Dr. Browns Services:
    http://www.russellbrown.com/scripts.html
    If you have cs5, you can drag files from mini bridge into an existing
    photoshop document, for smart object layers, provided you have
    your preferences under general to place or drag raster images as smart objects.
    MTSTUNER

  • How to separate an object with a 3d effect

    How to separate an object with a 3d effect
    Hi, I have outlined some text and applied a 3d effect but now I want to separate each letter so I can adjust the colour on the face of the letter with the colour on the extruded part.
    I am sure it is probably straight forward but could do with a little help!
    Thanks

    I think what the OP wants to do is to keep the extruded part the same color and change the face of the letters to different colors. And he/she did mention that the text is outlined.
    If that's the case, I can think of two things to do if you want to keep the 3D effect live (i.e., unexpanded).
    1. You could apply a stroke to the outlined text, in the color you want for the extruded part. Then just change the fills individually (Tip: view in Outline mode and use the Group Selection tool to select each letter).
    2. If you don't like how the stroke looks on the letters, make all the letters the same color — the color you want for the extruded part. Then make a copy of this group of letters. Select the copy, then click in the Appearance panel to edit the 3D effect. Put the Extruded Depth at Zero. Now change the colors to your liking, then align them with the original. Interestingly, you can't just use the Align functions, you have to eyeball it.

  • Implementing authorization based on database roles

    Hi,
    I am trying to implement authorization in my sample jdeveloper application.
    I have the list of users stored in LDAP and my database table contains the roles for those users.
    Now how can I get the roles from the database table and implement authorization based on the roles?
    I am using jdev 11 and weblogic 10.3
    Thanks

    Hi,
    Check out this post: http://forums.oracle.com/forums/thread.jspa?threadID=928304
    Sireesha

  • Splitting up text at line breaks into separate text objects

    Creating a map with many text objects each containing one village name etc. or something similar, it would be nice if we could
    - type all names with enter/linebreaks
    - and then choose something like 'create separate text objects for each text line'
    I know I could convert the start text into outlines and then individually placing/moving them, but I still want to be able to edit all texts in one go (e.g. changing font size, colour, etc.)

    Beate,
    Since you mentioned a map, you can also do it this way:
    1. Count the paragraphs in your text.
    2. Select the text object containing the lines of text. Copy or Cut it to the Clipboard.
    3. LineTool: Draw a horizontal line.
    4. AltShiftDrag a copy of the line downward. Transform Again (Ctrl D) until you have as many lines as you had paragraphs.
    5. Text tool: Hover over the topmost line. Click when you see the Type On A Path cursor. Paste.
    6. Drag a selection marquee across all the lines. Type>ThreadedText>Create.
    7. Type>ThreadedText>RemoveThreading.
    Now you have a bunch of individual text objects, but they are already Type On A Path objects; so you can drag them into position on your map, and then directselect their paths to edit their shapes (assuming you want pathType objects to bend along roads, etc.)
    JET

  • No authorization for action: CRE with object: ADCP

    Hi,
    I encountered the following error when creating an index:
    No authorization for action: CRE with object: ADCP
    I was at transaction DB02 -> 'Checks' -> Database<->ABAP/4 Dictionary.
    The checks indicate that there are some optional indexes that are not created.
    The error is encountered when I select one of these indexes (eg. ADCP-I01) and try to create it using the 'Create in DB' button.
    Do I have to assign some certain permission to my account? I am already holding the SAP_ALL and S_A.SYSTEM profiles.
    Thanks for any help,
    Tzyy Ming

    Hello,
    As I had expected, the DDIC userid did the needful.
    To see whether the index is created, you need to do the following.
    Start transaction DB02.
    Click on the refresh button.
    You would then get a new pop-up with two different buttons.
    Now on this pop-up click the 'perform database checks' button.
    The system might give you a warning 'This will take time'; click yes and wait for the system to refresh the data.
    Once system has refreshed the database data, you should be able to see your newly created index.
    Regards,
    Siddhesh

  • Human task assignment role object

    We can't find a role object.
    There is a group and user object. But that is not enough to solve our routing problems.
    For example:
    We have two departments. They have programmers.
    When a problem occurs, we want to assign a task to the workgroup1 programmer role or the wg2 programmer role according to a task attribute.
    How can we do it?
    Thanks.

    repost.
