Query designer authorizations

Similar Messages

• Authorization in BEx Query Designer: "read only" for definitions of variables

  Hello,
  I`m developing a concept of authorizations for key user who should be able to maintain certain
  objects in the query designer. For other objects they should have access “read only”.
  The users have authorizations  to  design new queries.  They should be able to use existing variables
  (SAP Business Content ( 0*) and customer variables (z*). On this point, I have a problem: in the selection window of the query designer there are only buttons to create, to delete and to edit a variable.
  The user must have authorizations for changing, although he just wants to look for the definition
  of a variable (if he wants to see their basic or global settings before using the variable).
  I can´t find a possibility to switch from “edit” to “read only”.
  The users should only see and apply variables from others (SAP, collegues), but he mustn´t be able to
  change them.
  The user needs the following authorization objects:  S_RS_COMP , activity =02 (change), also
  authorization object S_RS_COMP1. If I give the users only activity 03 (display),
  the user get the message: “display not allowed”.
  Is there any possibility to give a key user the authorization to display all variables with
  their definitions?
  Best regards
  Ricarda Seyb

  Hi raghukan,
  This is may be due to the authorization but still you can check the consistency check for these queries using RSRV.
  Regards,
  Amit

• Authorization issue in bex query designer

  hi all ,  my SAP GUI version is 7.10 , patch 17. , i am facing this issue regarding the ,I have been analyzing a data target for a new requirement , but i am facing problem accessing the reports created on the same data target. i am able to open the previous report in the analyzer built on this data target , but when i tried to edit it using the query designer , the stats message appear as follows
  message:  Authorization change not available for query ' voice of customer.
  .INFO: new functions :'xxxx' can not be edited in the query designer 
  i am facing this problem in all the queries related to  VOC ,. please help me in solving this.

  Hi raghukan,
  This is may be due to the authorization but still you can check the consistency check for these queries using RSRV.
  Regards,
  Amit

• Restricting infoobject in query designer with authorization object

  Hi,
  We have to restrict CUSTOMER infoobject with a authorization object in query designer.
  How to do this task ? Request kindly suggest.

  thr RSSECADMIN tcode. Search with this key word you will get good docs & Wikis in SDN
  bhaskar

• Sap bi authorizations issue with query designer..

  i am using bw 3.x and bi 7 query designer with different kind of probs?...
  i am able to see the info provider  in query desinger 3.x. but i can see only cubes .i am not able to find dso or infosets or multiprovider.. can anyone suggest is there any authorizations issues..please suggest.
  and with BI 7 query designer i am not able to see info providers in info areas folder to design a query..
  please suggest if any authorizations should be added or not

  hi suman chakravar,
  thanks for replying,
  can u be little bit clear about the steps.
  i went to tcode su01 and entered profile 0bi_all..it doesnt work.
  and executed tcode su56.there i can find list of BI related authorization profiles
  i added s_rs_all profile to my user. even then i face the same problem.
  i can see only queries in query designer of bi 7 format and i can not view info providers.
  i can view only cube and infosets and i can not view dso and multiproviders in bw 3.x type query designer
  Edited by: satishchow on Dec 14, 2011 3:23 PM

• How to restrict the attribute values for the user in query designer

  Hi All,
  I have a requirment where certain user would see certain vailes in the query desiner of the attribute.
  The requirment is we have planing material which is attribute of material
  When X user want to restrict the  values for planning material ,where he is able to see all the planning material.But who is not authorized for all the value.
  Ex: X user has authorization for see planning material 100,101,102. of material But when he try to restrict the planning material in query designer where is getting all values of planing material.
  Or
  is there way to blank the restriction help.so that he can't able to see values while restricting
  Please some one can advise me on it..

  Hi,
  Let me sum up:
  you have an object ZPLNMAT for the planning material
  you have the object 0MATERIAL for material and this object has ZPLNMAT as attribute.
  If you can restrict in the query designer, I suppose this attribute is then as navigationnal and also added in the multi-provider.
  The object ZPLNMAT is checked as relevant for authorization, and you set up a role with the attached values of ZPLNMAT this user should have access to.
  Are you sure the users are restricting on the ZPLNMAT object and not 0MATERIAL, because you should have everything now
  PY

• Error  in opening  Query  in Bex Query Designer

  Hi all,
  I am getting an error while opening the InfoProvider for a new Query in the Bex Query Designer.
  program error in class SAPMSSY1 method : Uncaught_exception.
  ASystem error in program CL_RSR and form GET_COB_PRO-02
  In RSRT:
  00000003      I>> Row: 78 Inc: LRRMSU13 Prog: SAPLRRMS
  00000003      ASystem error in program CL_RSR and form GET_COB_PRO-02- (see long text).
  With Regards

  Hi Raju,
  Check for the authorization
  Auth object : S_RS_ICUBE , S_RS_MPRO,S_RS_ISET
  Infocube subobject -> aggregate ,data ,definition.
  Auth object S_RS_COMP
  Activity                       01, 03, 16, 22  
  And let us know ...
  Hope that helps.
  Regards
  Mr Kapadia

• Portal runtime error while executing BI report through BEx Query designer

  I want to execute a query from query designer but when I execute it the following error occurs -
  Portal runtime error.
  An exception occurred while processing your request. Send the exception ID to your portal administrator.
  Exception ID: 04:30_30/04/11_0008_35740651
  Refer to the log file for details about this exception.
  I have checked log, the error displayig in log is,
  ACCESS ERROR: Authorization check for caller assignment to J2EE security role SAP_J2EE_Engine:administrator
  Kindly help me.
  regards
  nk

  Dear Friends
  I have the same with this problem
  Please help us to resolve this problem
  Thanks and best regards

• Infoarea not appearing in Query designer

  Hi - I have some cubes created under cross application components infoarea but the infoarea is not appearing in the query designer. I have to create reports on these. how can I see them in query designer?
  Thanks,
  Raj.

  Hello,
  Please check your role. You do not have the authorization for that infoarea.
  Hope it helps,
  Regards,
  Meric

• Attribute not visible in the Query Designer

  Hi,
  I am not able to see 0BPPartner as attribute of object 0Customer in the Query designer .It is marked as display attribute.For some user its visible & for Some not.
  Please help me its very urgent.
  Thanks & regards,
  Anita

  Hi Anita,
  As you stated earlier that some users are able to see it and some are not then it surely is a Authorization/Profile issue. Speak to the BASIS/person who manages this to resolve the issue.
  Bye
  Dinesh

• In query designer , cant able to change/modify the query porperties

  hai experts / friends
  even in production or develeopment i have selected one query in query designer and opened and after that am selecting one default value and then right hand side it displays the properties of that particular query then i can not modify the changes ...that Display and change option is in disable....how can i enable this button...
  please help me friends...
  previously i have tried using production and then i thought because of production it is not getting enabled then i tried in development , and came to know that even in development also same problem it is not getting enabled....
  thanks in advance..
  regards
  anand

  hai friends..
  thanks for all your reply...
  actually i want to explain detail  ..
  after selecting the one particular query , am just placing the mouse in my charecteristics restrictions and then right hand side
  properties window gets displayed and at the top we can find display/change button and save button technical name
  button
  in that display and change button is disabled...i want that button to be enabled.
  i have checked in my authorizations in SU01...
  even i have all the profiles like SAP_ALL ...
  and then i have been trying to have transaport connection and then creating transport conn. for BeX...but it is asking package name...
  in this case i dont know the exact package name....
  can any body help me in this regard???
  thanks
  anand

• Can't see good variables in Query Designer BW 7.0

  Hello,
  The technical name of our caracteristic variables in the Query Designer are prefixed by "OR_" or "SV_". I try to make a filter in this variables (for example: a user must be able to see only "SV_" variable) with the authorization objects S_RS_COMP and S_RS_COMP1. But this filter does not work, even if the ST01 trace shows me a Return Code = 4 for the test in the variable technical name.
  Have I made something wrong ? is it a bug ? (we are in BW 7.0 SPS9 with Sapgui 6.40 SP 19 and BEx SP 12).
  Thank you for your help

  Hi Paul,
  If iam not worng, are you asking about Infoobject level security in BW?
  If it is, the following are the steps need to be implemented:
  <u><b>Steps to Implement InfoObject Security (field-level security)</b></u>
  1) Make the InfoObject authorization-relevant.
  The Authorization Relevant setting for an InfoObject made in the InfoObject definition on the Business Explorer tab. The business needs will drive which InfoObjects should be relevant for security. Keep in mind that the people using SAP BWare running queries to help make strategic decisions on how to better run the business. The decision makers typically need to see more data on SAP BW than they would need to see in SAP R/3.
  2) Create a custom reporting authorization object.
  Since there are no reporting authorization objects provided for InfoObjects, you will have to create your own reporting authorization object for any InfoObject you decide to secure. This is done in transaction code RSSM. When creating your reporting authorization object, you select which fields to put in the authorization object from a list of authorization-relevant InfoObjects. Only InfoObjects that have been marked Authorization Relevant are eligible to be put in a reporting authorization object.
  3) Add your new authorization object to a role.
  Once you have created an new reporting authorization object and linked it to the appropriate InfoCube(s), users will need access to your reporting authorization object. You will need to manually insert your object into a role.
  4) Add a variable to the query.
  The reason the variable is required is sometimes unclear at first. If we want a  query to only provide results based on the division, for example, then the query itself needs the ability to filter specific division values. Before we can secure on division, the query must be  able to restrict data by division. The only way the query can restrict data dynamically is through a variable.
  5) Link the reporting authorization object to an InfoProvider.
  Linking your reporting authorization object to an InfoProvider is a very critical step. In this step, you will impact people currently executing queries for the InfoProvider that is now related to your reporting authorization object. This linkage forces your reporting authorization object to be checked when ANY query tied to the InfoProvider is executed.
  Hope it helps, please revert back if you are asking for something else.
  Please reward points if it is sueful.
  Thanks & Regards,
  Santosh

• Attribute not visible in Query Designer

  hi BI Gurus,
  I could not see some InfoObjects(Attributes) which are marked Authorization Relevant, in the query designer. And the strange thing is, they are not visible even for the user with SAP_ALL and 0BI_ALL assigned. The authorizations for the  cube in which the main char is used looks fine.
  I have checked all the options in RSECADMIN, everything looks good.
  pls help me in finding the solution..
  thanks
  Cnu..

  check out with the info object screen in attribute tab, navigational attribute on/0f switch box, if u r using FF source system.
  check out with the infocube whether u r checked the check boxes in navigational attribute tab.
  regards
  harikrishna.N

• Missing attribute in query designer

  Hi,
  I need some reasonable explanation for an odd behaviour. Here is the scenario: a multiprovider, say X, has an infobject with some attributes where two of them are navigational and authorization relevant, but not for multiprovider X which had their checking disabled on RSSM. In Query Designer a query built on infoprovider X does not show these attributes in the "Attritbutes tree" below the infobject unless an specific authorization be given to the query owner with value * for the authorization object. Where is the trick if multiprovider X is told not to check these authorization relevant attributes? On the other hand, authorization relevant infobjetcs shouldn't be a matter of data selection? Why are they sensitive in query designer if their check are disebled for that multiprovider?
  Does anyone know how to explain this?
  By the way, I'm using BW 3.5.
  Thanks,
  Fernando

  Hi, Troy
  Thanks a lot for your reply. I opened an OSS to SAP to answer why even the infoprovider having the object authorization unchecked, in design time with Query Designer the atribute was hidden. The consultant said that checking does matter only in runtime. In design time the user has to be fully authorized for the (authorization relevant) attribute to be seen, regardless whether the authorization object is or is not flagged on the infoprovider (transaction RSSM).
  Below is a reply from Erick from another BI forum for this same issue that solved my problem. It may be helpful to you too.
  "<i>Hi,
  I'm working on a BW 3.5 project and I've encountered the same issue.
  The issue occurs if :
  - an infoobject is authorisation relevant
  - this infoobject is attribute of a master data
  - the corresponding authorisation object is flagged in an infoprovider
  - role included this object restrict value
  Solution:
  you have to create a new authorisation object link to your infoobject.
  This new authorisation object has to flagged in NO infoprovider.
  Then create a role including this authorisation object and affect * as value.
  As a conclusion, you can build an additional role including each authorisation object (with *) linked to each infoobject authorisation relevant (which are master data atribute).
  Hope this help you,
  Regards,
  Erick</i>"

• Key Figure Attribute not displaying in Query Designer

  Hello Experts,
  I have an InfoObject which has Key Figures as attributes.  When creating a query I <b>once</b> was able to see these Key Figure attributes in the Query Designer.  Howerver, recently I am not able to see them anymore in our DEV environment. 
  In our QA and PROD environment I am to see these Key Figures attribues in Query Designer.  Is there a setting that I am overlooking?  We are currently on BW 3.5 with SP 19.
  Please help!
  Thanks in advance,
  BQ

  Hi Jaya,
  Thanks for the quick response.  But how to I check the authorization for 1KYFNM and what am I looking for?
  Thanks,
  BQ