User Authorisations in SRM 7.0

Similar Messages

• User Authorisations in Dialog Programming.

  Hi Friends,
  I have a small requirement, I want to create user authorisations in dialog programming.
  Actually client requirement is he want to enter absence details of each and every branch.
  For that i have created a cusom table and i  also i have developed a dialog program inorder to update the details
  and to retrive all the data i have created a report program also.
  Now the client requirement is he want user authorisations while updating the data through dialog programming, that means if a user loging in that particular branch he want to enter the absence details pertaining to that branch only, when he tries to enter the details of other employee pertaining to another branch an error should be raised.
  Actually in the client place they are using authrisation object as 'Z_WERKS'.  The basis person has created this and provided for me.
  Actually i have created an Authority check in module pool program.Here iam attaching my prog,
  Pls provide me the sample code if at all available.
  *& Include ZEMPTOP                                           Module pool
  PROGRAM  ZEMP.
  TABLES : ZABS,PA0001.
  DATA : WA_PA0001 LIKE PA0001,
         V_ANS.
  DATA: BEGIN OF Z_WERKS OCCURS 0,
          PERSA LIKE T500P-PERSA,
          NAME1 LIKE T500P-NAME1,
        END OF Z_WERKS.
  *&  Include           ZEMPI01
  *&      Module  USER_COMMAND_0100  INPUT
        text
  MODULE USER_COMMAND_0100 INPUT.
  CASE SY-UCOMM.
  WHEN 'DISP'.
  SELECT SINGLE * FROM ZABS WHERE PERNR = ZABS-PERNR.
  IF SY-DBCNT <> 0.
  *MESSAGE I000(Z00) WITH 'Details of' ZABS-PERNR .
  else.
  MESSAGE I000(Z00) WITH 'No Details Available to Display'.
  ENDIF.
  WHEN 'EXIT'.
  LEAVE PROGRAM.
  WHEN 'BACK' OR 'EXIT' OR 'CANCEL'.
  LEAVE TO SCREEN 0.
  WHEN 'CLS'.
  CLEAR ZABS.
  WHEN 'INS'.
  INSERT ZABS .
  ZABS-ABWTG = ZABS-ENDDA - ZABS-BEGDA + 1.
  IF SY-DBCNT <> 0.
  MESSAGE I000(Z00) WITH 'Personnel No' ZABS-PERNR
  'inserted successfully'.
  ENDIF.
  CLEAR ZABS.
  WHEN 'MOD'.
  UPDATE ZABS.
  ZABS-ABWTG = ZABS-ENDDA - ZABS-BEGDA + 1.
  IF SY-DBCNT <> 0.
  MESSAGE I000(Z00) WITH 'Personnel No' ZABS-PERNR
  'Modified Successfully'.
  ENDIF.
  CLEAR ZABS.
  *WHEN 'DEL'.
  *CALL FUNCTION 'POPUP_TO_CONFIRM_LOSS_OF_DATA'
  EXPORTING
     TEXTLINE1           = 'ARE YOU SURE'
     TEXTLINE2           = 'YOU WANT TO DELETE'
     TITEL               = 'CONFIRMATION'
     START_COLUMN        = 25
     START_ROW           = 6
     DEFAULTOPTION       = 'N'
  IMPORTING
     ANSWER              = V_ANS.
  *IF V_ANS = 'J'.
  *DELETE ZABS.
  *IF SY-DBCNT <> 0.
  *MESSAGE I000(Z00) WITH 'Personnel No' ZABS-PERNR
  *'Deleted Successuflly'.
  *ELSE.
  *MESSAGE I000(Z00) with 'No Record to Delete'.
  ENDIF.
  *ENDIF.
  ENDCASE.
  ENDMODULE.                 " USER_COMMAND_0100  INPUT
  *&      Module  GET_REC  INPUT
        text
  MODULE GET_REC INPUT.
  SELECT SINGLE * FROM PA0001 INTO WA_PA0001
           WHERE PERNR = ZABS-PERNR.
  MOVE: WA_PA0001-PERNR TO ZABS-PERNR,
        WA_PA0001-ENAME TO ZABS-ENAME,
        WA_PA0001-GSBER TO ZABS-GSBER,
        WA_PA0001-WERKS TO ZABS-WERKS.
  ZABS-ABWTG = ZABS-ENDDA - ZABS-BEGDA + 1.
  ENDMODULE.                 " GET_REC  INPUT
  *&      Module  CHECK_AUTH_WERKS  INPUT
        text
  MODULE CHECK_AUTH_WERKS INPUT.
  *SELECT PERSA INTO TABLE _WERKS FROM T500P
          WHERE  PERSA = ZABS-WERKS.
  AUTHORITY-CHECK OBJECT 'Z_WERKS'
  ID 'PERSA' FIELD Z_WERKS-PERSA.

  You need to test the sy-subrc after the authority check - that will indicate whether the user has the authorisation or not.. you also often include the activity being tested e.g. generally 03 = Display, 02 = Update etc
  AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
    ID 'ACTVT'    FIELD '03'
    ID 'CUSTTYPE' FIELD 'B'.
  IF not SY-SUBRC is initial.
    MESSAGE E...   "put your exception here...
  ENDIF.
  see [Programming Authorization Checks  |http://help.sap.com/saphelp_nw04/helpdata/en/52/6712ac439b11d1896f0000e8322d00/content.htm] for more info.
  Jonathan

• How to build in user authorisation in sender soap adapter

  HI ,
  how can i built the user authorisation in sender soap adapter. either in a url or somewhere on the server .
  if anyone has an idea do let me knwo
  Thanks
  Nikhil

  Nikhil,
  <b>sender soap adapter</b> is used for ex in the case, u need some data from the DB say of a vendor. U give the name of the vendor in the site, suppose u get the contact address of the vendor from the DB.
  Sender soap adapter sends the soap request from the client to XI and from XI the request is passed to DB.
  With XI, WSDL file is generated and SOAP request is generated for the WSDL file. When the WSDL is deployed on the client application, the authorization is handled.
  For receiver SOAP adapter, it is the otherway round u r getting the data from the DB first and so the authorizations are held in XI.
  -Naveen.

• User authorisation check in ABAP-HR program

  Hi,
  Can anyone please help me on the following query ?
  I need to check user authorisation in an ABAP report at Object level, filter only relevant records based on the user's authorisation and display appropriate messages.
  The above mentioned report is purely developed by us and is not a copy of any standard report. Hence, kindly help me with your suggestions and opinions.
  Thanks and Regards,
  Manas Menon

  Create an authorisation object (SU21)
  Put an authorisation check for this object in your report (AUTHORITY-CHECK)
  Create a role that contains this object (PFCG)
  Assign this role to all the users who require access to the report (SU01).
  <REMOVED BY MODERATOR>
  Edited by: Alvaro Tejada Galindo on Feb 27, 2008 2:07 PM

• User deletion in SRM 4.0

  Hi Guys
  Can anyone suggest me how to delete large number of Users from the SRM system,i.e with Postion, BP, an SU01 data should be removed. As I dont have option for deletion of users from USERS_GEN trxn in SRM 4.0.
  Please help by suggesting me with any program or Tcode .
  Regards
  Srujank

  better lock the user since he may some business documnt open and you can not proceed further.
  br
  muthu

• Mass Users deletion in SRM 4.0

  Hi Guys
  Can anyone suggest me how to delete large number of Users from the SRM system,i.e Postion, BP, an SU01 data should be removed. As I dont have option for deletion of users from USERS_GEN trxn in SRM 4.0.
  Please help by suggesting me with any program or Tcode .
  Regards
  Srujank
  Edited by: srujan K on Oct 5, 2009 4:47 PM

  Hi Srujank,
  you can use the program RHRHDL00 to delete any object in the org. structure .
  kr,
  Raz

• Suddenly unable to update User Authorisation in 8.8 PL11

  This has been posted previously, but it was marked as solved... But the "solution" is not working for us.
  (original thread: Unable to update User Authorisation after Upgrade to 8.8 PL13)
  We did not have any problems after upgrading our db's to pl11.  It was just recently that this function stopped working.
  Here are the steps and failure outlined:
  Steps :
  1. Update the one of the user authorisation of the upgraded company. Eg. Set Drag & Relate from Various Authorisation to Full Authorisation.
  2. Click on "Update" (nothing happened).
  3. Click on "Update" (2nd time, system indicated that Update is successful.
  4. Exit from General Authorisation.
  5. Re-enter General Authorisation.
  6. Found that the authorisation for that user is updated. it is still Various Authorisation for Drag & Relate.
  I have tried other users and found to be the same. authorisations are not updated. Furthermore, the Update button is clicked twice.
  Our other 5 company databases do not have this issue.
  Please advise. What needs to be done.

  Gordon, I think you're on to something, but I am already looking down this path too...
  I ran the following query,
  select distinct permid from usr3 where permid not in (select absid from oupt)
  This query showed results, therefore there is definitely inconsistencies in the database.
  I guess, this means that there's no solution?  Only a "hotfix" from SAP?

• Users upload in SRM system

  Hi friends
  I wanted to know the order of the fields in which they have to be arranged in a file to upload the users in the SRM system, using users_gen.
  I want the header like which field belong to what ?
  Can anyone guide me on this.
  Regards
  Srujan

  Hello ,
  If you are uploading users from file ,
  The sequence will be same as the sequence in which you select the fields , The first 3 are mandatory fields
  User ID
  Last Name
  Org Unit
  After that you can select from the options.
  Please note that you can define two different seperators while uploading the users , comma or semicolon ..
  The file type should be based on the seperator you have selected.
  rgds
  Chetan

• User authorisation matrix

  Dear all,
  We are using BI7.00. We now require one report to get the details of user authorisation, i.e., for example one user U1 may be authorised for 10 Transactions in R/3, we want to get the list of such authorisation in the following way. Is there any standard data source or any method of adopting the same.
  Requirement
  Company --->Plant ->  Module>T.Code->User----
  > Authorisation
  4000----->    4100>   QM> QA32>4100QMC01->u221A
  If authorisation is available then a TICK mark should be shown. In the above the user 4100QMC01 is authorised for transaction QA32 and hence in the column authroisation a TICK mark is shown.
  Can experts provide ideas of obtaining the same.
  Regards,
  M.M

  Dear Asish,
  Thank you for your input. I tried to achieve my requirement using a FLFL data source, but the output is not as desired by me.
  I have the fields company,plant, user name, t.codes, authorisation. I have loaded the data through excel and when the display is seen in the report the value is shown as below.
  SAP users -
  > user1---->user2--
  >user3
  SAP transaction code sap user authorisation-> ?>?--
  >?
  QA32
  QP01
  QM01
  I have maintained all the infoobjects as character as for me i do not have any key figure. In the column i have SAP users and SAP Authorisation and in the rows in have SAP transaction code.
  What should i do to get the output as shown below.
  SAP Users -
  User1-->users2--
  >user3
  Sap t.codes
  QA32----
  >?
  QM01----
  >?
  QP01----
  >?
  "?" is nothing but the value which indicates that the specified user has authorisation for the respective t.code.
  Hope you will help me solve the problem.
  Regards,
  M.M

• Custom Table & User authorisations

  Hi,
  We've just made a transaction, pointing to a view of a custom table.
  We would like to "grey" out all of the columns, except one, to limit the modifications. Is it possible with user authorisations ?
  Regards,

  Please go through the link below:
  https://wiki.sdn.sap.com/wiki/pages/viewpage.action?pageId=93454609
  It helps you to identify the steps along with the screenshots which you need to follow.
  In short you can do it by on the table maintenance screen by following this path:
  Environment -> Modification ->  Maintenance Screens
  and then goto the element list tab and uncheck input checkbox for the fields which you want.
  Regards,
  Raman.

• Authorisation Issue SRM 7.0

  Dear Experts,
  We are configuring Extended Classic Scenario in SRM 7.0.
  I have 2 Purchasing groups and each having one Purchaser.
  Each Purchasing group is responsible for 1 Product category.
  When I create and approve shoping cart I need to restrict the processing of PO to the relavent Purchaser.
  I have created 2 ZROLE in SRM by coping the standard Operational purchaser role with the modified Authorisation objects BBP_PGRP & BBP_PURORG and assigned it to the corresponding user.
  For the purchasers I have asssigned the standard Operational Purchaser role in Portal.
  When I log in as Purchaser still I can see and modify the PO's belonging to the both Purchasing group.
  Can any one give me a suggestion how to over come this issue.
  Regards,
  B.N.Karthikeyan.

  Hello,
  This might help.
  Note 1334253 - Authorization Check missing in Sourcing Cockpit
  Note 1335797 - Authority Check on Process Type missing in Sourcing Cockpit
  Note 1242643 - Authorized Purchase Group and organisation in POWL
  Thanks
  Ashutosh
  Edited by: ASHUTOSH TRIPATHI on Jul 22, 2009 10:35 AM

• Error in User integration with SRM

  Hi Everyone,
  We are using SRM5.0 and Classic Scenario. We have a issue with user integration.
  One user for whom i am trying to integrate into SRM system but it is not integrating properly.
  In USERS_GEN, I am getting error as ' Assignment : Business partner person to the user is not unique'.
  And in PPOSA_BBP , when i try to see the user organizational assignment, i could see that the assignment is properly done.
  But the BP of the user is missing. Only CP and the user ID is avaiable without BP number.
  And in the details of the position (for this user), there is a error 'Attribute check for (position name) failed'.
  I could see that all the attributes are maintained correctly and also i tried replicating the HR data again by PFAL, but nothing succeeds.
  Please provide some suggestions of how it can be solved.
  Rgds
  Siva

  Hi,
  You can correct the users by deleting the assignments of the users in transaction PPOMA_BBP and then adding assignments of the users again.
  For this purpose, position the cursor on the business partner of the user, select the context menu with the right mouse button and choose 'Delete -> Assignment'. Note the business partner number and then assign the business partner to the position again. Restart transaction
  USERS_GEN to check.
  Please check these notes to further information:
  419423 Repairing incorrect EBP users
  502564 Correcting incorrect users
  501797 Check all EBP users
  If unassign and reassign is not working (Drag&Drop), please check this note:
  1024258 HRALX: PPOME Drag&Drop: BP-BP relationships not deleted
  If HRALXSYNC is not working, and you check that link between O-BP and CP-BP is broken, please check if these notes are applied in the ECC side:
  1174064  HRALXSYNC: No repair if BP-integration i
  1168104  HRALXSYNC: No repair if BP-integration i
  845002  HRALX: HRALXSYNC performance           
  I hope this helps.
  Cheers,
  Rafael Rhoden

• User Authorisation - storage location

  Hi,
  we have three storeage location under one plant, can we restrict user to access only on UM1 storage location not to access balance two storage location.
  Plant :    X70
  Storage Location  :  UM1
                                  UN1
                                  UN2
  Is it possibile to create a role only on storage location, please advice.
  Regards,
  Muthu

  You will need to activate " Authorization Check for Storage Locations "
  Storage location authorization means that a user has to have authorization for authorization object M_MSEG_LGO in order to enter a goods movement in the storage location, using a particular movement type. In the list of material documents, only the document items for which the user has a display authorization are displayed
  Go to  SPRO->Materials management ->Inventory management ->Authorisation management->Authorisation check for storage locations,

• Batch Input for user defined fields (SRM 4.0)

  Hello.
  Now in my project,we are developping Batch Input function about PO,CONF in SRM 4.0.
  and in this time, we will use over 20 user defined fields.so we have to enter the value to user defined fields by using Batch Input function.
  But if we will enter over the 10 value for user defined fields,we have to scroll the screen.
  How do I scroll in SRM?(What's the command to scroll in SRM)
  Regards
  Ogiwara

  better lock the user since he may some business documnt open and you can not proceed further.
  br
  muthu

• SRM User Settings in SRM 7 for Operational role

  Hi! If I assign role /SAPSRM/OP_PURCHASER to a user in SRM (with Operational Purchaser portal role), I could not find the SRM User Settings function. If I use role /SAPSRM/EMPLOYEE (with Employee Self-Service portal role), the function appears under Home > Overview > Personalization. I checked the content content and could not see this function available for the Operational Purchaser portal role. Does that mean I have to add the Employee Self-Service portal role to the user if I want to allow them to use the SRM User Settings function? Is there another way to get to this function using the Operational Purchaser portal role?
  Appreciate any clarification on the above.
  Cheers!
  SF
  Edited by: SF on Jan 12, 2010 1:06 PM

  You observation is correct and it is the standard design of such portal roles as SRM Administrator, SRM Strategic Purchaser, or SRM Operational Purchaser to not have "personalization", but only Employee Self Service role.