How to restrict data for certain users (brokers) in CRM
Hi Team,
We need to restrict brokers on their ability to 'see' and create trade promotions for only a given set of customers.
Example:
Broker Joe Smith can only see through t-code BP 3 customers, even though their are 10 customers created in the CRM system.
Same goes for the t-code CRM_MKTPL (trade promotions), how do we restrict Joe Smith from creating promotions for only those 3 customer and not the other 7 customers?
Any help is appreciated.
Has anyone restricted any transaction like this before?
Does it need ABAP programming? or does it need additional security roles?
Thanks,
The access control engine in CRM, is probably your best bet for this option. I have not used it, but we did evaluate the use of the product. I know this product works in BP, but I have not looked to see whether it hooks in CRM_MKTPL.
Do a search on ACE in this forums or in the CRM help documentation. Try this link for some basic information
http://help.sap.com/saphelp_crm40sr1/helpdata/en/a9/04c42a9e207545b47a32d1d05f53c3/frameset.htm
Good luck,
Stephen
Similar Messages
-
How to copy data for certain member from one dimension to another dimension
Dear ,
I want to copy data for certain member ("511102") from one dimension to another combinations of dimensions ,
I have the following combinations for "511102" :
_("Budget2012","FY12","Working.V01","SAR","BegBalance","1011","G_10","custom Grades")_
I want to copy "511102" to "salary"
-salary have the following dimensions :
_("Budget2012","FY12","Working.V01","SAR","BegBalance","General group","All grades","General Employees")_
, I don't know if I could do it by datacopy of cross dimensional , But I don't HOW >>>
Thanks in advanceFIX("Budget2012","FY12","Working.V01","SAR","BegBalance","General group","All grades","General Employees")
"salary"="511102"->"1011"->"G_10"->"custom Grades";
ENDFIX
or
FIX("Budget2012","FY12","Working.V01","SAR","BegBalance")
DATACOPY "511102"->"1011"->"G_10"->"custom Grades" to "salary"->"General group"->"All grades"->"General Employees";
ENDFIX
Key thing in datacopy is to place the dimensions in cross dimension in the same order. Both sides (before and after "TO") should have equal number of dimension members specified.
Cheers,
Alp -
How should restrict data for particular month?
Hi Experts,
How should retrieve data for particular month without where condition.Hi,
You must be having Month Object right in your Webi?
User will be given opportunity to Select his/her required [Month]
Create variable as =Userresponse("Enter value for Month")same text as you are giving in the Prompt text....Name it as [UMonth]
Go to analysis tab..Filter..Add filter...[Month]=[UMonth]
always this report will run for the month user require -
How to restrict login for multiple users having same Role
Our Web Application is deployed on Tomcat 5.5
The requirement is ?
There are roles in application like "operator", "admin"?
There are multiple users created for each of the above role.
When one user of "operator" role is logged in, then
It should not allow to login for another user of "operator" role.
Also, if user did not log out & application gets close, then
It should not allow to login for another user of "operator" role.
Also, it should not allow to login for multiple requests of same user
(using another browser instance...)
Is it possible using session object?
But, using session object, it will create separate objects for different users,
So here I will not be able to restrict session object creation rolewise.
Also, how to retrieve these multiple session objects created for different users on server?
If anyone is having the solution please reply as soon as possible,
Thank you.To tell you the truth, this is a stupid requirement. It must be an extremely fragile application.
In any case, you will have to write your stuff for that. Probably a filter that on login, logout, and session expiration checks, makes, or removes entries in a DB (using a synchronized resource to prevent race conditions) or possibly even simply in an application context object. -
How to restrict data for selection
Hi, folk,
I've faced with the following issue.
I have set of items. There are, for example, income items and expense items.
Items are distinguished by value of attribute.
According to business process, planning for income and expense items is quite different. Due to this reason I've created two planning folders to process ones.
Item was placed into header of planning format.
Before planning I should select item. More over, for income planning I should select item from income subset.
So, how to based on value of attribute I can restrict items for selection in the planning folder.Easier impossible,
Rather than using a variable of type attribute I would use an variable of type exit.
The exit returns the full list of item in income or expense. (This depends on another variable, that could be a simple digit base or based on some other infoobject).
The variable should be assigned to your level and also available in the planning folder for selection.
The user will see the full list values and select the one he nedes to plan.
I hope it's clear.
Cheers,
Alberto -
Restrict data for a user profile
Hi,
I've made a jsp application where i implemented a users profiles for the screens, so i defined that user x can access to the jsp y in insert mode but can't access in remove mode.
But now i need to implement a second profile that restrict the data that the user can see, like a Portuguese user can only see Portuguese citys and i don't know what is the best way of doing this, i'm using a BC4J.
Any ideias
thanks in advanced
rjcHi,
Not exactly sure the exact details of what you are trying to achieve, but when the user logs in you can create a session variable that can be retrieved during the user's session. You implement this by using:
session.setAttribute(String attrname, String attr)
Then you can retrieve the attribute at a later time. So on your jsp page (I'm not sure of your table structure) you can do something similar to this:
<%String whereclause = "Country=" + session.getAttribute("Country");%>
<jbo:ViewObject id="CityView" whereclause="<%=whereclause%>">
Hope this helps....
A
Hi,
I've made a jsp application where i implemented a users profiles for the screens, so i defined that user x can access to the jsp y in insert mode but can't access in remove mode.
But now i need to implement a second profile that restrict the data that the user can see, like a Portuguese user can only see Portuguese citys and i don't know what is the best way of doing this, i'm using a BC4J.
Any ideias
thanks in advanced
rjc -
Restrict Data for a user without VPD
I have read some posts, and maybe there are no better solutions, but I will try.
For a particular user (User_A) I have to limit the data the user can see by Data_ID.
Data_ID avialbe to User_A is 1, 2, 3.
I know I can create a View for each Table and create a folder based on that for this purpose.
Howevere I am wondering if there is something I can do through Discoverer Admin to accomplish this, so that I won't have to duplicate the folders.
What I want to do is create a set of Folders in the main Business are and create "Filtered Folders" in a different Business Area.
Any suggestions except VPD would be appreciated.Hi
To follow up on what Rod has said, yes this solution will work.
When I do it I add a mandatory condition to my folder which restricts the data to only what the user can see.
Here's a workflow for Row-level security without a VPD:
1. Create a security table
2. Create a security index
3. Grant the select rights
4. Populate the table
5. Create a function
6. Import the function into Discoverer
7. Create mandatory condition using embedded calculation
8. Test
Here's a simple table script:
CREATE TABLE GEN_SECR(
USERNAME VARCHAR2(8) NOT NULL,
SEC_TYPE VARCHAR2(32) NOT NULL,
SEC_IND INTEGER NOT NULL);
In the above table, the three columns are used as follows:
USERNAME Oracle username
SEC_TYPE An identifier for the item to secure.
SEC_IND Use 0 for no access, 1 for access
Create an index:
CREATE UNIQUE INDEX GEN_SECR_PK ON GEN_SECR(USERNAME, SEC_TYPE);
Grant access
GRANT SELECT ON GEN_SECR TO PUBLIC;
Populate the table:
INSERT INTO GEN_SECR VALUES
('DRAKE', SALES', 1);
INSERT INTO GEN_SECR VALUES
('MSMITH', ‘SALES', 0);
Here's my function:
CREATE OR REPLACE FUNCTION F_GEN_SEC
(SEC_TYPE_IN VARCHAR2)
RETURN NUMBER IS
GEN_ACCESS NUMBER := 0;
BEGIN
USER is a system variable and contains the Oracle user id of the currently logged in user
SELECT SEC_IND INTO GEN_ACCESS
FROM
GEN_SECR A
WHERE
A.USERNAME = USER
AND A.SEC_TYPE = SEC_TYPE_IN;
RETURN (GEN_ACCESS);
EXCEPTION
WHEN NO_DATA_FOUND THEN
RETURN (GEN_ACCESS);
WHEN OTHERS THEN
RETURN (GEN_ACCESS);
END F_GEN_SEC;
Here's a workflow to import function into Discoverer Admin:
1. Use Tools | Import PL/SQL functions
2. Click the Import button
3. Locate the function to be imported
4. Click the OK button
5. Click the Validate button – the function should be valid
6. Check the Arguments button - all should be fine
7. Click the OK button
Use this workflow to create a mandatory condition using embedded calculation
1. Navigate to folder to be protected
2. Right-click in folder, on any item, and from pop-up select New Condition
3. Under Item: select Create Calculation
F_GEN_SEC('SALES') = 1
4. Click the OK button
5. Test using Discoverer Plus
Here's a methodology for Item-level security:
We will use the same table, but rather than secure a whole table, we will secure an individual item
Let’s secure the Credit column and prevent user MSMITH from seeing the content of that item
Populate the table:
INSERT INTO GEN_SECR VALUES
('DRAKE', CREDIT', 1);
INSERT INTO GEN_SECR VALUES
('MSMITH', ‘CREDIT', 0);
Here's the rest of the workflow:
1. Locate and right-click on the item you want to secure
2. From the pop-up menu select Properties
3. Rename the item by adding the characters OLD to the end of the name.
4. Change the Visible to user property to No
5. Click the OK button to close the Item Properties dialog box.
6. Right-click on the item again, and from the pop-up menu select New Item.
7. The New Item dialog box will open.
8. Give this new item exactly the same name as the item you renamed in step 3
9. Check the Functions radio button. The Show box will display a list of the function folders. Functions that have been imported into Discoverer are located in the Database folder.
10. Expand the Database folder and select the function you imported earlier
11. Click Paste. The function specification will be pasted into the Calculation.
12. Complete the calculation using DECODE:
DECODE(F_GEN_SEC('CREDIT'),1,
Credit OLD,NULL)
13. Click the OK button to close the New Item dialog box
14. Move the item to its correct location by placing it immediately above the original item
15. Test using Plus
I hope this helps
Regards
Michael -
How to restrict data in reports for different users...
i created a monthly_sales report on XYZ_SALES_FACT table
i have to give restriction on reports based on the users.
i.e. user_1 will access only NORTH region sales info on monthly_sales report
user_2 will access only SOUTH region sales info on monthly_sales report etc.
Note: my client is not agreeing to create multiple reports based on the user/region.
how i have to give user restriction on report based on the users?Hi,
You can create a VPD policy and then create a login trigger and pass SSO client_indentifier or database session_user (use if/then/else to protect both)
You can check here for the VPD/login trigger.
Disco Config Guide
http://download.oracle.com/docs/html/B13918_03/security2.htm#sthref1002
OTN articles
http://www.oracle.com/technology/obe/10gr2_db_vmware/security/vpd/vpd.htm
http://www.oracle.com/technology/oramag/oracle/04-mar/o24tech_security.html
You can also use secure views, mandatory conditions in the EUL, etc.
Some other related forums entries:
Re: Using VPD with Oracle Discoverer without SSO
Re: Restrict Data for a user without VPD
May want to search, likely many others on the subject.
Should give you a good place to start.
Regards,
Steve. -
Restricting Access for SQ01 User Group
Hi ,
Please let me how to Restrict Access for a User Group to only some of the specific users?
Thank you
Edited by: Vibhor Arora on Apr 12, 2010 7:29 AMHi,
Can you please clarify what exactly you want to know, your request can be interpreted in a few different ways.
If you are concerned that people have access to all user groups, then you need to remove access to S_QUERY activity 02 and I think activity 23. They will lose access to all user groups that they are not assigned to via SQ03. -
Restricting User defined Field for certain user
Hi experts
I have a field name U_JobNumber at header level of Item Master Data. Can we make visible for certain user ?
Is this possible .
Thank you in advance
BishalHi Bishal,
There is a standard feature in SBO that allows you to enable and set the visibility of UDFs. This works on a user/company level. To do this, log in as the user, open the Item Master form and make sure that the UDF tabs is showing then choose Tools-Customisation Tools--Settings from the top menu. You'll then see a separate window that allows you to set the visibility or any UDFs on this form.
I don't think this feature is currently exposed via the DI API or UI API so you'd need to set these manually.
Kind Regards,
Owen -
Disabling cprojects alerts for certain users only
Hi
I need that no email alerts are sent to certain roles/people who have authorizations in cprojects. There are numerous alerts sent as email for any change of dates, thresholds etc. I need to disbale any email being sent in this for certain users.
How can it be done?
Regards
SenthilHi Senthil,
Would you please check the following
Evaluations -> Business Add-Ins (BAdIs) -> Change Alerts from Severities in cProjects
related method is CHANGE_ALERTS_OF_PROJECT, which has a change parameter:
CT_LANGUAGE_OF_RECIPIENT. You can apply your own logic to remove some recipient of the table, so that they do not get the e-mail.
Never tested, please check it out.
Kind regards,
Zhenbo -
How to access data of all users in a page?
Hi all, I am new to APEX and have a query.
I have installed APEX on my local machine, created a workspace, and added a few users with roles.
I am creating an application, similar to a Library app, where I have a table that stores Books information (BOOK_ID, BOOK_NAME, etc). I'd like to create another table BOOK_USER with two columns, BOOK_ID and USER_ID. BOOK_ID would refer to the BOOKS table, and I want USER_ID to refer to the table that stores user details of the workspace that I am using. The data entry would happen from a page that has two LOVs, one for book name (using BOOK_ID as the value) and another for user name (USER_ID, or whatever field APEX uses to store user's ID). Can I do that in APEX? I've found ways to access and authenticate a user for a page, but how to get data of all users in the workspace? In other words, how to get all usernames in a LOV?
As I am new to APEX, I'd appreciate if someone can guide me through the steps, or post links to tutorial, etc.Assuming that you are using the Application Express User Accounts for authentication, in that case you have to use built-in apex views
selet * from APEX_WORKSPACE_APEX_USERSAnd use USER_NAME column instead of user_id
See http://docs.oracle.com/cd/E37097_01/doc/doc.42/e35125/priv_public001.htm#HTMDB25949 -
How to extract data for particular two members of same dimension.
As per the requirement i need to export data for certain members of a dimension. Lets say we need data for two account members A and B which is in in Account dimension only but is not a direct children. I need the data for all the available years too. Please suggest me how my DATAEXPORT command should look like.
When i am using an AND statement it is not working accordingly. Say i am fixing for years 2007 and 2009 but the output file is coming for 2009 and 2010.
Something other is happening when i am fixing OPEX_31 and OPEX_32. The values are coming not only for OPEX_31 and OPEX_32 but for many more accounts too.
Here is my dataexport statement for your reference
SET DATAEXPORTOPTIONS
DataExportLevel "ALL";
DataExportColFormat ON;
DataExportDimHeader ON;
DataExportOverwriteFile ON;
FIX("LC","Total_Year","ESB1","2009","SIERRA","COSTCENTER_NA","CELLULAR_NA","OPEX_31",
"January","February","March","April","May","June","July","August","September","October","November","December");
DATAEXPORT "File" " " "D:\exports\feb.txt";
ENDFIX;
I need data for OPEX_31 and OPEX_32 for all the available years starting from 2001 to 2025.
Please suggest what are the modification needed to get the desired result.
Thanks in advanceHi,
There a few different options you can use for fixing on the months, years..
e.g. FIX(January:December)
or FIX(@CHILDREN(YearTotal)) < depends what the parent of the months is
sames goes for years
FIX(2009:2025)
or
FIX(@CHILDREN(Year)
If your period dimension is dense you can always use that as the column header e.g. DataExportColHeader "Period" and then fix on the accounts you require.
Cheers
John
http://john-goodwin.blogspot.com/ -
How to restrict authorization for OBC4
Dear all
How to restrict authorization for obc4( field status) for user id wise
Regards
nasaHi Nasa
You try to use the S_TABU_LIN object. With this object you can control access to tables (called from maintenance views, SM30 etc) based on the database key for the table.
And as far as I cant see, the OBC4 transaction is just a couple of maintenance views for V_T004V andf V_T004F.
You can find a small how-to [here|http://www.mhn-consulting.com/s_tabu_lin.html]
Regards
Morten Nielsen -
Save persistents data for all users
Hi
The persistent datas are save for one specified user, the user logged in into the system (e.g. Windows).
Is it possible to save persistent data for ALL users?
If yes how?
Thanks
HansHi Hans
IMO it might be a bit tricky. As you know - Persistence objects are stored in databases. I presume you're not asking about document database. Second database is stored in SavedData file which is located in per user data directory. I.E. on mac in ~/Library/Caches/Adobe Indesign/Version 6.0/en_US/Indesign SavedData
Probably you need to create your own implementation of persistence or take a look on relations between file system and IDataBase interface.
Regards
Bartek
Maybe you are looking for
-
Problems using Modbus TCP accessed by NI OPC Server
Hi there, i'm using NI OPC-Server to access a measurement module. The buildup is quite easy, my system with NI OPC, a modbus gate and there the module connected with RS485. There's a thermocouple to provide me some sample data. But there's the point.
-
I've tried looking up the answer online but I cannot find the one specific to this code. No idea what it means or how to fix it, or even if it posses a major issue. But I have been having issues with my internet browsers. when I open them as soon as
-
How to install oracle 11g and 10g on same linux server.
how can i install oracle 10g and 11g on same linux server ???? 10g database is already installed , i want to installed 11g on the same machine. How can i do this???
-
ITunes says that the IPod software is updated but my IPod shows a picture of a USB Cord and the ITunes circle.
-
Installing SQL 2008 / SQL 2012 in a DMZ covered by RODCs
Hello guys, I'm trying to install SQL 2008 (tried also SQL 2012) in a W2008R2 server that lives in a DMZ site covered by a couple of RODCs. The RODCs have full access to the RWDCs, but the traffic is blocked from the rest of computers in the DMZ to t