Use of RSSM to create authorization objects

Similar Messages

• Issue while creating Authorization Object

  Hi,
  I am in the processing of creating Power user roles. Everything seems to be working fine. But when I am trying to assign the Authorization object which is on 0PLANT its not giving me the proper results. I have followed the below process:
  1) Created a Authorization object on 0PLANT and provided one plant value (eg ABC) under Value Authorizations.
  2) Created a role and assigned this authorization object. Assigned this newly created role to Power User.
  3) Created a report and executed with power user ID.
  When I executed the report with power user ID I am expecting to see only ABC plant value. But here in my case I am able to see all the plant values.
  Can somebody help me.
  Thanks in Advance,
  Shanthi.

  Hi Rayudu,
  please refer to SAP note  [1151136|https://service.sap.com/sap/support/notes/1151136] that provides some helpful information how to use BAPIs in RE-FX.
  Furthermore I would suggest to try out the following:
  - Create a rental object manually with CO settlement rule
  - Use BAPI_RE_RO_GET_DETAIL to read the data
  - Check the fields that are filled for structures for CO settlement and check if you have filled the fields for BAPI_RE_RO_CREATE the same way.
  Hope this helps.
  Regards, Franz

• Using a variable while creating an object

  I have 8 buttons called b0 to b8
  Button b0 = new Button (frame, 10, 10, 50, 50,"",'0');
  Button b1 = new Button (frame, 70, 10, 50, 50,"",'1');
  Button b2 = new Button (frame, 130, 10, 50, 50,"",'2');
  Button b3 = new Button (frame, 10, 70, 50, 50,"",'3');
  Button b4 = new Button (frame, 70, 70, 50, 50,"",'4');
  Button b5 = new Button (frame, 130, 70, 50, 50,"",'5');
  Button b6 = new Button (frame, 10, 130, 50, 50,"",'6');
  Button b7 = new Button (frame, 70, 130, 50, 50,"",'7');
  Button b8 = new Button (frame, 130, 130, 50, 50,"",'8');Rather then create them seperately a for loop would make more sense I think. Something like
  for (int i = 0; i < 9; i++) {
                  int x = (i % 3) * 60 + 10;
                  int y = (i / 3) * 60 + 10;
                  Button "b"+i = new Button (frame, x, y, 50, 50,"",i);
              }But I cant make this work, what am I doing wrong.
  Thanks

  Variable names don't mean much in Java. Certainly you can't do operations on them like
      Button "b"+iBut your buttons do form a sort of group or unit - they are geometrically related for one thing. What you need to do is create an object that represents this group.
  Try using an array.
  Declare an array of 9 buttons. Then you can use a for loop much like you have. But instead of talking about "b"+i, you would talk about b.
  Anything you were doing before with b2 you can still do - by referring to that Button as b[2].

• Newly Created authorization Objects after SAP Upgrade

  Can someone tell me whether there is any transaction or table that display the added object authorizations after a Sap Upgrade ?
  Thanks in advance.

  Also, you can check SAP_NEW profile which shows which authorization objects have been added in which release.

• Using ZIF_EXCEL_READER~LOAD to create ZCL_EXCEL_READER_2007 object

  Hello ZIP, Excel and ABAP2XLSX-Experts,
  I'd like to convert a given Excel-File (.xls) which has been uploaded to the DMS in SAP-DB-Tables (like DRAW etc.) via transaction CV01n to an excel_reader_2007 object.
  After that I'll hopefully be able to address the excel-object and insert my report-data into the right cells given by that template.
  I've managed it to that point, where I've already read the content of the file (type: xstring) in my excel class with this method:
    me->mv_content = me->raw_to_xstring( input = lt_orblk ).
  After that I try to instanciate an excel_reader_2007-class:
        CREATE OBJECT lo_excel_reader TYPE zcl_excel_reader_2007.
      co_excel = lo_excel_reader->zif_excel_reader~load(
                                      me->mv_template_xstring ).
  In this load-interfacemethod the ixml is beeing drawn from a zip-archive - whatever it's doing here with the rels thing:
    me->excel2007 = i_excel2007.
    rels = me->get_ixml_from_zip_archive( '_rels/.rels' ).
  This method calls immediately the next method: get_from_zip_archive.
      content = me->get_from_zip_archive( i_filename ). "_rels/.rels
  And then, in this method a zip-object is created and loaded.
       CREATE OBJECT me->zip. "CL_ABAP_ZIP
      zip->load(
        EXPORTING
          zip             = me->excel2007
  I think this load-method is already the troublemaker:
  In the line 75 nothing is done, because the offset is 0, maxlength = 3601404 and zip+offset(4) = 'D0CF11E0' and never '504B0304'
     WHILE offset < max_length AND zip+offset(4) = '504B0304'.  " local file header signature
      file_no = file_no + 1.
      APPEND INITIAL LINE TO files ASSIGNING <file>.
      APPEND INITIAL LINE TO exts  ASSIGNING <ext>.
  But the zip->load( me->excel2007 ) runs without exception but the table 'Files' will not be filled. That's the crux because in the next ZIP-method in method get_from_zip_archive will be tried to read the zip-files:
      zip->get(
      EXPORTING
        name                    = i_filename
      IMPORTING
        content                 = r_content    " Contents
  And here, the read from table files fails of course with the raise of zip_index_error.
     IF index IS INITIAL.
      READ TABLE files TRANSPORTING NO FIELDS WITH KEY name = name.
      IF sy-subrc IS NOT INITIAL.
        RAISE zip_index_error.  "#EC RAISE_OK
      ENDIF.
      index = sy-tabix.
    ENDIF.
  Now, can anybody tell me, how I get my xstring - content successfully transferred to ZIP or that ZCL_EXCEL_READER_2007 class.
  What went wrong?
  Is it possible that it has got to do with the installation of the frontend or that the xls is maybe 2002 Version?`
  It doesn't help to save it as .xml. I already tried it.
  I would appreciate some help!
  Version of the System is ECC 6.0, SAP-Basis 7.31, ABAP2XLSX-Version 5.0 (doesn't work with the change to 7.0, too - already tried it)

  Solved: The Version of the .xls-template in the DMS (document management system) was Excel 2002.
  I uploaded a Excel 2010 version in the DMS and then it worked.
  Having a 2002 Excel version always creates a local header with the zip+offset(4) =
  'D0CF11E0' .

• RSSM: Checks Authorization Objects for Infoprovider are not activ

  Hello,
  we have BW 3.5 and we use RSSM Authorization Objects.
  When we create a new cube with an Infoobject that is authorization relevant, in our development-system in rssm the flags for the checks are automatically activ.
  When we transport the new cube to our production-system, the flags in RSSM for the authorization object are not activ.
  Sometimes the new infoprovider is not in the list of the infoprovider in rssm, so we have to "update check status" with the appropriate icon.
  My question:
  It is possible, that when we import the new cube in our production-system, that all authorization objects are activ??

  Hi,
  Normally system would check all the authorization relevant objects whenever a new Info cube is imported and in case if you want to transport these changes to Production system manually then follow the below listed steps:
  1) In Development system, check or un-check the authorization relevancy using the transaction RSSM on a given Info provider
  2) These changes are stored in table RSSTOBJDIR
  3) Create a manuall transport request and include these entries covering the required Authorization objects manually. 
  R3TR TABU RSSTOBJDIR
  Ex: If Info object 'A' is authorization relevant in Development system but not in Production system and you want to transport this change to Production system then include object 'A' table entries manually.
  Hope this helps.
  Cheers
  Bala Koppuravuri

• How to use Standard Authorization Object 'M_MATE_WRK'  in SE38?

  Hi all,
  We have developed one program which calculates the commercial price of the material   
    and update the same in the material master.
  Now we want to implement authorization checks at Plant Level.
  For this purpose I am Using 'M_MATE_WRK' which is standard authorization object.
  But in my Program when I am checking for it, its giving the sy-subrc value as 0.
  This indicates that either it is successful or the object is not active for this particular  program. In my case I know that its the second case only.
  So now somewhere i need to 'Check' this object for this particular Program.
  I have checked SU22 , SU24 but couldn't figure out where should i do the respective  setting.
  I am working on ECC 6.0
  Please help me on this.
  Bare with me if i am asking a silly question.

  Hello All,
  The Problem is resolved now.
  Actually it was the first case only.
  When i created the new user id and checked i realized that its working fine and there was
  some mistake while checking previously.
  Anyways thanks for ur reply.

• FM that retrieve the inner authorization object BBP_ROLE using user's role

  Hi Experts!
  Do you know what Function Module can be use to retreive the inner authorization object BBP_ROLE using the user's role
  e.g. BUYER : YT:PU:XXXX:BUYERROLE
  Object       : BBP_ROLE      SRM: User function / Role
  field name : BBP_ROLE      SRM: User function / Role
  Activities
  Sel      Activity      Text
  x       EMP             Employee
  x       OPP             Operational Purchaser
  ......etc
  Thanks!

  Hi
  Execute Txn S_BCE_68001414 in debug mode, and figure out how system takes the inner authorizations through the flow of this program
  Regards
  Virender Singh

• What FM retrieve inner authorization object BBP_ROLE using the user's role

  Hi Experts!
  Do you know what Function Module can be use to retreive the inner authorization object BBP_ROLE using the user's role
  e.g. BUYER : YT:PU:XXXX:BUYERROLE
  Object       : BBP_ROLE      SRM: User function / Role
  field name : BBP_ROLE      SRM: User function / Role
  Activities
  Sel      Activity      Text
  x       EMP             Employee
  x       OPP             Operational Purchaser
  ......etc
  Thanks!

  Hi
  Execute Txn S_BCE_68001414 in debug mode, and figure out how system takes the inner authorizations through the flow of this program
  Regards
  Virender Singh

• Creation of Authorization Object

  Dear All,
  Can anyone of you guide me on how to create Authorization Object?
  My Knowledge on this concept:-
  1) Mark required object as Authorization Relevant
  2) Use of T-code RSSM
  3) Select marked Authorization Object
  4) Assign fields to it, for authorization.
  thats all i know.
  There are few more additional settings we need to do for it.
  Request you to provide with step by step procedure for the same.
  Thanks & Rgds,
  Anup

  hi
  To create an authorization object:
  1) Execute transaction SU21
  2) Double-click an Object Class to select a class that should contain
  your new auth object
  3) Click on CREATE (F5)
  4) (If creating custom field) - Click the 'Field Maintenance' button -->
  Click on CREATE (Shift+F1)
  5) Enter the Name for the New Authorization field and the corresponding
  Data Element and SAVE
  6) Confirm the Change Request data for the new Authorization Field
  7) Go back two screens (F3-->F3)
  8) Enter the Authorization field name and document the object:
  9) SAVE and ACTIVATE the documentation
  10) Save the new Authorization Object
  11) Confirm the change request data for the Authorization Object and
  EXIT SU21
  12) Finally, the SAP_ALL profile must be re-generated
  the following link will be helpful
  http://209.85.175.104/search?q=cache:BigTSV4_olEJ:www.gingle.com/glenaccess%255CsdnAuthorizationObjectsimple.docHowtocreatauthorisation+object&hl=en&ct=clnk&cd=10&gl=in
  http://aroundsap.blogspot.com/2008/02/sap-bw-70bi-70-new-authorization.html
  Use of T-code RSSM
  Through BIW Authorizations (TCode RSSM)
  Authorization check log. This gives information on
  missing authorizations for reading data.

• Use of RSSM and authorisation processing type

  I create a authorisation object for customer using RSSM. At the report level, I want to create a variable on the "customer".
  If I create a User Entry/default value processing type  for the characteristic variable on "Customer", how will the system handle data restriction checks for different roles for "Customer".
  Or to make my question better,
  Are authorisation objects created in RSSM useful for only Variables with "Authorisation" processing type.
  Thanks
  Simmi

  hi Simmi,
  no, it's useful in infocube level, in rssm we mark which infocube(s), all queries to the infocube will have authorization check. processing type authorization will display report with restriction to all values given to the user.
  to restrict user by e.g customer, you need to maintain in role (transaction PFCG), choose created authorization object (RSSM), and assign value, and assign the role to your user.
  e.g role ZCUST, user A given cust1, user B given cust2 and so on.
  hope this helps.

• Authorization object creation manual method

  hi gurus
  I have a requirement to create authorization objects for my project. The scenario is, we have a query which gives the profit center data on a weekly basis.the users for this report are the project management people. we have not created the project management hierarchy, but presently supposed to use a role as Project Management. We have a set of users for this Project Management role.
  Now based on this scenario i am supposed to create the authorization objects.
  can anybody suggest me the right step by step method for creating the authorization objects.
  I would like to have steps as what i need to do in RSD1, in PFCF, in RSSM and in the BEx.
  you answers will be rewarded accordingly
  thanks in advance
  regards
  vijaykumar

  hi!
  1) identify the infoobject which must have restricted access. I think it is Profit Center in your case or may be PSP element
  2) in infoobject maintainance screen check Whether it is marked as Authorization relevant(RSD1)
  3) goto RSSM and create a new authorization object and add your infoobject to it.
  4) in PFCG role maintainance screen add create a new role Project Management and addt eh users to it. under the authorizations tab go to maintaina authorizatioons and add your authorization object that you create in RSSM. and maintain the correct values with in it.
  with regards
  ashwin

• Roles in BW (Authorization Objects)

  Hi,
  I want to create a role in BW which will provided access to 9 reports on a particular info cube.
  What are the authorization objects do i need to use to achieve this purpose
  Level of authorization:
  Execute any report on that particular data target
  Thanks

  Hi BW KING,
  1.before going to authorizations u have to decide on which Infoobject u have to apply authorizations.
    EX: SD--- Sales Org, MM -> palnt ,purorg,FI> companycode.
  first u ahve to decide which area & on which Infoobject.
  2.goto that Infoobject --> change there check the checkbox Authorization relavent object cahechbox
  2.after that  U Have to goto RSSM there u have to create authorization object
  Ex: Zxxx ( XXX is Infoobject Name ).
  3. In the same transaction Screen u have Infocube selection radio Button check that then select on which cube(cube means under that cube all Quaries) u have to make authorization for that perticuler Infoobject.
  4.next goto PFCG create role & save it
  5.goto Authorization tab in that selct  edit authorization it will give automatiaclly authorization Templates in that u have to select only S_RS_RREPU & press Enter.
  6. Select manual pushbutton it will ask authorisation object enter ur authorization object what u have created ( zxxx) .
  7.click generate  +enter
  8. goto user tab Enter userId+enter  + click on  usercomparision+ enter
  9.save the role.
  Thanks,
  kiran

• How i know Authorization object in system?

  Hi all,
  i create new BAdi with Enhancement Spot: ZWORKORDER_GOODSMVT (copy WORKORDER_GOODSMVT in standard SAP)
  now i have Badi definition: ZWORKORDER_GOODSMVT
  with Interface: ZIF_EX_WORKORDER_GOODSMVT
  all ok.
  now how i can see authorization object in Badi definition: WORKORDER_GOODSMVT (standard)? i already creat Authorization object but now i don't know what field and choose in maintain the authorization (from Badi definition: WORKORDER_GOODSMVT )
  ex: 1. in package BSFC have interface IF_EX_BSFC_POLICY and method GET_POLICY
       2. Authorzation object: B_BSFC (have field name: BSFC_APPL and ACTVT in maintain the authorzation)
  because i get this and solve in my job.
  when i activate the BAdI function called WORKORDER_GOODSMVT and assign to the a.m. authorization object???
  Processing Logic: 
  •     The backflush errors are created after the execution of backflushing transaction in Repetitive Manufacturing (REM) – t-code MF42N or MFBF
  •     If during the backflush execution the components are not available in the respective production storage location then system by default will create backflush errors
  •     Backflush errors will need to be cleared everyday and must be cleared before end month stock take
  •     Backflush errors can be processed using the following t-code:
  o     MF45 – Individual
  o     MF46 – Collective
  o     MF47 – Post processing List
  o     COGI – Post processing Individual Components
  Authorization will be applied only for COGI, while others will not be used in PSECI
  •     Create new authorization object called Z_PP_COGI to be assigned later to the user id
  •     Activate the BAdI function called WORKORDER_GOODSMVT and assign to the a.m. authorization object
  •     For unauthorized users, an errors message will appear if they try to delete the backflush errors in COGI transaction as follows:
  o     You are not authorized to change/ delete the backflush errors! Please contact your superior!
  Thanks so much all, ......

  Hi Nguyen,
  Check the following links:
  http://help.sap.com/saphelp_erp2004/helpdata/en/b8/bdb83b5b831f3be10000000a114084/content.htm
  http://help.sap.com/saphelp_nw04s/helpdata/en/52/6714a9439b11d1896f0000e8322d00/content.htm
  Regards,
  Rajesh K Soman
  <b>Please reward points if found helpful.</b>

• Adding authorization objects to Report Painter reports

  Hello Everyone,
  Is there way to add authorization objects to report painter reports ? I know it is possible to add auth group at the header level but I need to limit access at run time to specific objects, say for example, Cost Center. Is this possible ?
  I have seen the Get_Reporter.pdf document and it seems to discusses adding auth group but not auth objects.
  Thanks in advance.
  Dorothy

  hi
  good
  use this tcode to create authorization
  SU21  Maintain Authorization Objects
  this link ll give you idea to create the authorization object for the report painter.
  http://www.virtuosollc.com/PDF/Get_Reporter.pdf
  Award points if helpful.
  thanks
  mrutyun