Variable authorization

hi all
I created a role and given few authorizations on the role.
The main purpose of that role is to execute and create queries on few cubes.
Now after assigning the role to the users, the users are able to create, delete and execute the queries on restricted cubes. But in the query when user places the "VARIABLE", and executes the query, the variable is not being displayed.
I used S_RS_COMP and S_RS_COMP1 in the role..
Is there any other thing to be included in the role to display variable in the report.
regards
Annie

If you the variable that is on the report is of replacement type authorization, then :
1. The info object on which the variable is based on should be authorization relevant. You make this setting in RSA1 - info obejcts in change mode, there will be a check box in the business explorer tab, check that box.
2. Create a n authorization object in RSSM based on this info object.
3. Then, you need to tell the system who is authorised to what?  TO do this, you maintain values.
When you do all the above, when the OLAP executes the report, it will check for values.
OR.
You can have a variable of type exit and write the code.
Ravi Thothadri

Similar Messages

  • BI Variable authorization issue

    Hello Experts,
    Please help me with the below issue. I have implemented Variable authorizations as below.
    1)I have marked Cost Center and Profit Center info objects as Auth relevant.
    2) Created a global Variables for CC and PC with processing by authorization & user exit.
    3) Created analysis authorization for the info object 0cost center and Profit Center and added value as $ ZCOST.
    4) Created the include program ZSECTEST in the user exit to check the Variables.
    I have created only one analysis authorization with both CC and PC fields and restricted to Variables.
    Scenario 1: If the Query that was built on the Cube has only CC data authorizations are working fine by picking the values from the table. u2013 Working
    Scenario 2 : I have a query that was created on MP which has cube A with CC and cube B with PC data.
    (system checks if the user has access both info objects since both were auth relevant fields)
    When user ran the query u2013 custom code checks the table and gets the CC and PC values to the query variable screen.
    Issue: If the query has both CC and PC data for the given date it was showing results fine.
    If the query has only CC data and no PC data then query is giving message saying no data available.
    My requirement is even there is not PC data for that date I want to display the CC data.
    Thanks in Advance.
    Thanks,
    Kumar.

    Hello Sandipan,
    Thanks for the quick response.  Primary key has been already defined in the table.  Issue is I have only one analysis authorization created with fileds  CC and PC restrcited to variables VAR1 and VAR2 respectively.
    When I execute the query in the variable selection screen values are coming fine as below from the custom table. (works)
    Variable selection screen :                   
    Cost Center   -    1,2,3,4
    Profit Center   -     A,S,D,F
    Date               -   10/2010
    In the above example if the query has only CC data for that date - I get error no data available because system is fetching for the  combination of CC 1,2,3,4 and PC A,S,D,F .  I guess some aggregation auth are missing.
    When I execute the same query with SAP_ALL and BI_ALL I get results with only CC - because PC data on this query was not available for that date.
    My requirement is  even if the PC data was not avaiable for that date I want to display all the CC realted  data.
    Thanks,
    Kumar.

  • Variable Authorization Issue..

    Hi,
       i created narly 20 variables. When user trying to save the Query with new Variables. he is getting " You do not have Authorizations to add or create.
    How can i restrict Users to use these Variables. What r u the spets i need to take care.?
    Could you please help me out from this.
    Nagesh.
    Message was edited by: Nagesh Ganisetti

    Hi,
    I think that it is a restriction for saving queries, not using variables.
    Restriction for working with queries arec determined in S_RS_COMP & S_RS_COMP1 auth objects.
    Best regards,
    Eugene

  • Variable Authorizations for Cost elements (K_REPO_CCA)

    Hi everybody.
    I have a doubt regarding the posible options for an authorization on object K_REPO_CCA. Our system is R/3 version 5.0. Is it possible to create a variable, "$COST_ELEMENT" for example, and fill the values dinamically by a user_exit or maybe a z-program that reads in a Z-table??
    Did you know if this is possible?? If yes, do you know the user-exit??
    Many thanks and best regards.
    Ismael Bermúdez

    Hi,
    I would be really interested to find out more about what you did here.
    "<i>In fact at a client we determined the authorised cost centres at run time based on the users mapping to the HR org structure."</i>
    This sounds like exactly what we need at our organisation. We are a large company with around 40000 staff and have the following business requirement.
    - Cost centre reporting is expected to be hierarchical in nature but current Cost Centre structure in Australia is flat in structure.[/li]
    - Natural hierarchies already exist within the NAB by organisational structure: Total Company, Business, Zone, Region, Area and Branch.
    - As a high level requirement, cost centre data should only be available to the manager of the organisational unit that they are managing and any lower level organisational units. Managers should only be able to view their organisational unit costs or lower organisational unit costs. They should not be able to view cost centre data across structures (peer organisational units) or higher levels of responsibilities (parent organisational units).
    - The ability to access cost centre reporting data should take into account HR delegations and substitution processes. This also needs to take into account the granting of the correct authority to the delegated person to run reports.
    - One possible option is to utilise the A250 Cost Centre Manager relationship in SAP to facilitate the security for cost centre reports.
    I will be handling these requirements from a security perspective and would liike to achieve this without creating hundreds of roles and a maintenance nightmare.
    A finance version of structural authorisations would be good
    Any input would be greatly appreciated.
    Barb

  • Analysis Authorization Problem

    Hy, i have create a Analysis Authorization object ZCOMPCODE with 0COMPCODE as characteristic.
    So i assign this object to a users and i create a variable to filter 0COMPCODE with processing type "authorization".
    The problem is that when execute the BEx query i receive the message : No authorization.
    When assign 0BI_ALL to user the ZCOMPCODE has not effect but the query run correctly.
    How can i resolve this serious problem?
    Regards,
    Andrea Maraviglia

    Dear Andrea,
    When you have a problem with authorization data access, may be you need check the following stuff:
    1 All InfoObjects are relevant authorization (see Business Explorer the check box authorization relevant for each InfoObject Tcode RSD1) which these are part of InfoProvider where query request data. It is very important, because you have to include all of this InfoObject (Characteristic) in your analysis authorization.
    2. Remember add the standard characteristic. 0TCAACTVT (3 value), 0TCAIPROV (InfoProvider Tech Name), 0TCAVALID (* value).
    3. In each characteristic relevant authorization, I suggest that add the colon “:” value to avoid problem with variable authorization in the query.
    4. Furthermore, the user need one role for standard object authorization: 
    . S_RS_COMP (Activities 03, 16)
    . S_RS_COMP1 (Query owner)
    . S_RFC (BEx Analyzer or BEx Browser only)
    . S_TCODE (RRMX for BEx Analyzer)
    I hope that can help you!
    Luis

  • Error in  Authorization even after giving Colon authoriztion to users

    Dear Experts
    We have built a query which is having Sum GT function used and also Constant for some characterstics.
    But when we execute the query the user is getting not authorized message. If i run the query without  the SUM GT and Constant RKF and CKF its running fine.
    We have checked the rsec log for the error it says Colon authorization is required for the some chars which are authorizaiton relavant but we have given all the other chars : authorization but still i am getting the below message.
    Authorization Check Log
    For a general description see the Note 1234567
    Date and Execution Time (Local Server)
    Execution Date: 01.12.2011
    Execution Time: 15:33:23
    Executed Query: ZM_SD_M22/ZM_SD_M22_Q_00010
    Transaction RSRT ( BW - output test )
    Executed by User P00010784
    Executed with Analysis Authorizations of Another User P00007960
    Software Component  Release  Level  Support Package 
    SAP_ABA  700  0021  SAPKA70021 
    SAP_BASIS  700  0021  SAPKB70021 
    SAP_BW  700  0023  SAPKW70023 
      InfoProvider Check  
    Building the Buffer...
    ...Buffer Built
    Are there authorizations for accessing InfoProvider ZM_SD_M22 with activity 03?
    Authorization exists for general access to InfoProvider ZM_SD_M22 with activity 03 
      Relevant Characteristics for Detailed Authorization Check  
    (Characteristics with Full Authorization Are Not Listed!)
      List of Effective Authorization-Relevant Characteristics for InfoProvider ZM_SD_M22:  
    0DF_HRPOSTN 
    ZCUS_MAT__ZSD_HEQT 
    ZC_CUST__ZSD_HEQT 
    ZSD_HEQT 
      Authorization Check  
      Detail Check for InfoProvider ZM_SD_M22  
      Preprocessing:  
    Selection Checked for Consistency, Preprocessed and Supplemented As Needed
    Subselection (Technical SUBNR) 1
    Check Node Definitions and Value Authorizations...
    Node- and Value Authorizations Are OK
    Subselection (Technical SUBNR) 2
    Check Node Definitions and Value Authorizations...
    Node- and Value Authorizations Are OK
    End of Preprocessing
    Filling the Buffer...
    ...Buffer Filled
      Main Check:  
      Subselection (Technical SUBNR) 1  
    Supplementation of Selection for Aggregated Characteristics
      Check Added for Aggregation Authorization:     0DF_HRPOSTN  
      Check Added for Aggregation Authorization:     ZCUS_MAT__ZSD_HEQT  
      Check Added for Aggregation Authorization:     ZC_CUST__ZSD_HEQT  
      Check Added for Aggregation Authorization:     ZSD_HEQT  
      Authorizations missing for aggregation (":")  
    Characteristic  1        2       3 
    0DF_HRPOSTN    Node      I EQ :      I EQ :   
    ZCUS_MAT__ZSD_HEQT    I EQ :      I EQ :      Node   
    ZC_CUST__ZSD_HEQT    I EQ :      I EQ :      I EQ :   
    ZSD_HEQT    I EQ :      Node      I EQ :   
    Entries marked with red do not have aggregation authorization
    You can find more information about this here 1140831
      The authorization check stops here as this selection is no longer needed  
      Message EYE007: You do not have sufficient authorization  
      No Sufficient Authorization for This Subselection (SUBNR)  
    Following CHANMIDs Are Affected:
      Subselection (Technical SUBNR) 2  
    Supplementation of Selection for Aggregated Characteristics
      Check Added for Aggregation Authorization:     0DF_HRPOSTN  
      Check Added for Aggregation Authorization:     ZC_CUST__ZSD_HEQT  
      Check Added for Aggregation Authorization:     ZSD_HEQT  
    List of authorizations that provide authorization for selection on ":" (aggregation):
    Characteristic  3 
    0DF_HRPOSTN    I EQ :   
    ZC_CUST__ZSD_HEQT    I EQ :   
    ZSD_HEQT    I EQ :   
    Please guide me what else is required to get the report running.
    Thanks and Regards
    Sree
    Edited by: CRMKNW on Dec 4, 2011 9:43 AM

    Shivraj,
    I have done the way to display the authorization but still its giving the error no authorization  and for change  i have removed the Auth relavant Char from the filter which is having the variable (authorization type ) now its showing the report but four Key figure columns are not shown.
    These key figure columns are SUM GT function  which will bring the total value of a characterstic. So where am i going wrong because as i have given the : authorizaiton it should give the aggregated value for these columns and give full details for his authorized zone.
    if i don't add the variable its giving all the data without these four key figures what i am expecting is it should give data for the authorized zone but also show the aggregated value in the SUM GT key figures as they are authorized with : authoriztion.
    Thanks and Regards
    Sree

  • Authorization problem

    Hi experts,
    I have the following authorization problem:
    I have a role containing authorization for company code. The role contains several queries.
    Some of the queries contain authorization variable of company code but some are not restricted by any authorization.
    When I run the queries that are not restricted by authorizations I get an error: User is not authorized
    from RESCADMIN:  
    Message EYE007: You do not have sufficient authorization   
    No Sufficient Authorization for This Subselection (SUBNR)   
    Following CHANMIDs Are Affected:
    182 ( 0COMP_CODE )
    267 ( 0COMP_CODE__Z_EBUKR )
    Thanks,
    Hagit

    Dear Hagit,
    Iu2019m going to try helping you regarding your question,
    Before give you some suggestion. I would like to check with you some item,
    The first is the authorization structure. The main authorization structure includes:
    Characteristics and Attribute Navigational are relevant authorization, as 0COMP_CODE.
    Roles, where are included authorization object to execute queries as S_RS_COMP, S_RS_COMP1, S_RFC and S_TCODE. In field of S_RS_COMP and S_RS_COMP1 is very important include the right technical name of the queries. Furthermore, add the S_RS_AUTH authorization object to join an analysis authorization.
    Analysis Authorization, where are included each characteristic and attribute navigational relevant authorization with specific value, as: u201C*u201D full access, u201C:u201D aggregate value, single value, range value or node of hierarchy.
    Query, where are include in some cases the characteristic relevant authorization with its variable authorization.
    InfoProvider, where are contain characteristic an attribute navigational relevant authorization.
    Regarding your Error:
    from RESCADMIN:
    Message EYE007: You do not have sufficient authorization
    No Sufficient Authorization for This Subselection (SUBNR)
    Following CHANMIDs Are Affected:
    182 ( 0COMP_CODE )
    267 ( 0COMP_CODE__Z_EBUKR )
    I suggest you, to try the following action:
    Query, in some queries where you havenu2019t included the characteristic 0COMP_CODE in the row. Put in the default value the characteristic  0COMP_CODE with its variable authorization, not ready for entry and optional.
    Analysis authorization, you should add all of characteristic and attribute navigational relevant authorization available in the InfoProvider. Must be matching characteristic and navigational attribute relevant authorization, between analysis authorization and InfoProvider.
    Try to include in your analysis authorization the u201C:u201D value.
    Furthermore,  try you execute tcode RSUDO, then RSECPROT you can get more information about your authorization system behavior. The first transaction is to execute a query with other user (select u201Cwith error logu201D), and the second is to display the error log.
    I hope these comments can help you,
    Luis

  • Colon authorization / note 1140831 - Colon authorization during query execution

    Hi experts
    We have designed HR-analysis authorizations, authorization relevant characteristic 0ORGUNIT.
    These authorizations work well if there is a variable (authorization type) on 0ORGUNIT in the query.
    If this variable or the characteristic is not an element of the query, SAP asks you for a colon ":" authorization for the aggregation of the result.
    We have created such an authorization manually and assigend it to one of the test users:
    Executing the query via RSECADMIN the query result shows ALL possible records of the infoprovider (cube).
    This is not the expected result.
    Do you have an idea why the system works like this? Where is the error?
    Thanks

    problem is fixed:
    You need to have the variable of authorization type in the BEx query.

  • Authorization for multiple nav attributes

    Hi Experts,
    I have 2 doubts that I need to confirm with you:
    Scenario :
    an aggregation level has nav attributes  A__C  and B__C.
    A__C is restricted by authorization variable in the filter section of the query.
    A__C is shown in the rows as well.
    B__C is not defined anywhere in the aggregation level and the query.
    Authorization is created for the user on  A__C   and  B__C   and assigned to user via the BI7 auth admin tcode(s).
    The requirement is to control such that user cannot  access certain values of  Both  A__C  values and  B__C values found in records. In this case,  user is set to access  only  :
    A__C  :   1111
    B__C  :   2222
    A record exist like this :
    A__C     ****     B__C   ****  KF
    1111      ****     3333    ****  $1000
    Question:
    1.  when the query is executed, authorization check is ok for  A__C  and the query should execute.
    But given that this user is not authorized to B__C  = 3333,   will the KF value of $1000  be displayed by the query at runtime assuming the query only is selecting A__C and the KF?
    If it does not show results or shows 'not authorized' , can I say its due to B__C = 2222 is granted and not B__C = 3333 was granted?
    Else if it does show the $1000, can I say that even if B__C  is set = 2222 in the user profile / authorization object assigned,  there is no effect of authorization in this case and the record having B__C = 3333 will be displayed with the KF value (B__C value still will not be shown as its not in the query definition).
    2.   Assuming char C is defined in the query and aggregation level,  must this be individually restricted (i.e set auth of  C = value1, value2 .....)  in authorization object or roles in order that the effect of A__C is achieved where authorization values for A__C is defined by  setting auth of A__C = value 1, value2 ...?
    Scenario A:  char C is in the aggregation level but not used in the query definition in the rows and filter.
    Scenario B :  char C is in the aggregation level and used in the query definition in the rows.
    What would the result be in the above 2 scenarios ?
    Hope to get enlightened about this aspects.
    Thanks in advance.
    Best regards
    PRex
    Edited by: pointes rexiproca on Apr 3, 2008 6:21 PM
    Edited by: pointes rexiproca on Apr 3, 2008 6:22 PM

    Dear Pointes,
    For management authorization by navigational attribute, I suggest the following steps:
    1.     Should check the attribute setup of “A” and “B” InfoObject in Tcode RSD1, and be sure if they are relevant of authorization. Remember, in BI2004s the attribute navigational are different component authorization.
    2.     Then, you should check your analysis authorization in Tcode RSECADMIN Authorization and verify which these attributes navigational A__C and B__C are included in analysis authorization, and what value do they have? Be careful which logical sing “<, >, =…”. Also, remember include colum “:” value in each attribute navigational for avoid problem.
    3.     Before that, you should check the queries structure and be sure if theses attribute is like a entry variable authorization.
    I hope that can help you,
    Luis

  • Hierarchy authorization

    Hi All,
    We have upgraded our BI system to the new security approach 7. We created the corresponding roles/objects thru the RSECADMIN t-code for 0COUNTRY and some other infoObjects where the 0COUNTRY is navegational attribute, for example the 0COMP_CODE__0COUNTRY, and everything is workink fine.
    The 0COUNTRY and (i.e.) the 0COMP_CODE__0COUNTRY are checked as Authorization Relevant.
    Now, we want to create a hierarchy for the 0COUNTRY infoObject, and I would like to know if the security done at the value level is enought to restrict the data or we need to create some new roles/objects thru the RSECADMIN in order to do the same restriction done to the flat values now at the hierarchy.
    We dont mind the intermediate nodes (regions), just the country values for the hierarchy.
    For example, we need the following hierarchy:
    World
    |_ Europe
         |_ Germany
         |_ Italy
         |_ Spain
    |_ Asia
         |_ China
         |_ Japan
    With variable authorization we need:
    If user has just Spain, show Spain.
    World
    |_ Europe
         |_ Spain
    If user has Germany, Italy, Spain.
    World
    |_ Europe
         |_ Germany
         |_ Italy
         |_ Spain
    If user has *.
    World
    |_ Europe
         |_ Germany
         |_ Italy
         |_ Spain
    |_ Asia
         |_ China
         |_ Japan
    Right now, without using hierarchy, the data is showing ok depending on the authorization that user has (allways using authorization variables in the query).
    Regards, Federico

    Hi Federico,
    Yes, your approach is right. You can restrict the InfoObject 0COUNTRY and then maintain the country values in the Analysis Authorizations (its no more a hierarchy authorization).
    The EQ can be used to maintain a single country (you need to add multiple EQs if you wish to add morethan 1 country in the same analysis authorization)
    The CP can be used to maintain with a pattern such as A* countries etc
    The BT can be used to give a range.
    However, ensure that the user has authorization to all the Infoareas (bottom - up) and queries so that his/her authorization can be restricted.
    Regards,
    Raghu

  • Analysis Auth issue - multiple objects

    Currently we have different roles define for each separate section of our business with Comp code and Profit center (along with Hierarchy on PC).
    For e.g.
    Section 1
              Company Code u2013 1010,1050,1500,1520,1700,1800
              Profit Center u2013 150000 u2013 159999 and Profit Center hierarchy u2013 ZPROFIT_CTR_GROUP/99991231/G_15
    Section 2
              Company Code u2013 1110,1150,1500,1520,1700,1800,1980,2050
              Profit Center u2013 190000 u2013 199999 and Profit Center hierarchy u2013 ZPROFIT_CTR_GROUP/99991231/G_19
    Currently there are 30 such roles define, we have quite a segregation within the business. So each BW user generally has one of the 30 roles assign to them. This is working perfectly fine.
    Now because of the consolidations, there are some users who would manage information from different section. So now a user can have access to Section 1 as well as Section 2. Whenever we tried giving access to 2 roles directly to any user, the results of the query comes back as u201CNo Authorizationu201D
    If you notice in the difference between section 1 and 2 is additional company code and some matching company codes along with that is complete different Profit center range and profit center hierarchy node. I am not sure where exactly it is failing.
    Now one more thing for you information is that we have defined Auth variables on Company code (input/Auth/multiple Values) and Profit Center (Input/Authorization/Selection) and Profit Center hierarchy (hierarchy node variable / Authorization)
    I am just trying to understand where the No Auth error msg is coming. Is there some intersection which is killing the query result itself?
    Please let me know if any of you have any suggestion.

    A common problem when authorizing using two different Characteristics is how the authorization variables are filled.
    If a user has access to both section 1 and section 2, a authorization varible for Company Code will contain the values
    1010,1050,1500,1520,1700,1800, 1110,1150,1980,2050
    and the authorization variable for Profit Cetre will contain
    150000 u2013 159999  and 190000 u2013 199999
    If the user doesn't restrict the query further, the system will issue a correct authorization error since the user is not authorized for the selection CC=2050 PC=150000 and all the other "cross-combinations".
    Try creating variants of the selection screen for section 1 and section 2 respectively and force the user to select one of these when executing the query.
    Regards,
    Lars

  • Authorization in BEx Query Designer: "read only" for definitions of variables

    Hello,
    I`m developing a concept of authorizations for key user who should be able to maintain certain
    objects in the query designer. For other objects they should have access “read only”.
    The users have authorizations  to  design new queries.  They should be able to use existing variables
    (SAP Business Content ( 0*) and customer variables (z*). On this point, I have a problem: in the selection window of the query designer there are only buttons to create, to delete and to edit a variable.
    The user must have authorizations for changing, although he just wants to look for the definition
    of a variable (if he wants to see their basic or global settings before using the variable).
    I can´t find a possibility to switch from “edit” to “read only”.
    The users should only see and apply variables from others (SAP, collegues), but he mustn´t be able to
    change them.
    The user needs the following authorization objects:  S_RS_COMP , activity =02 (change), also
    authorization object S_RS_COMP1. If I give the users only activity 03 (display),
    the user get the message: “display not allowed”.
    Is there any possibility to give a key user the authorization to display all variables with
    their definitions?
    Best regards
    Ricarda Seyb

    Hi raghukan,
    This is may be due to the authorization but still you can check the consistency check for these queries using RSRV.
    Regards,
    Amit

  • Abort Could not determine a value for variable 0DAT from the authorizations

    Hi All,
    I encountered an error '/ Abort Could not determine a value for variable 0DAT from the authorizations\' when executing my query on a multiprovider in BW 3.5.
    Can anyone help me in finding a solutionn to this issue.
    Thanks,
    Kartik.

    Hi Kartik,
    I am sorry as that note is for NW2004s. Please check if 0DAT variable installed from a business content? if not then I think thats the cause of the problem.
    Hope this helps,
    Bye...

  • SAP BO WebI Report on top of BI Bex Query with Authorization Variable

    Hi,
         We are trying to restrict row level data using BI 7.0 analysis authorization concept. We have an authorization variable in the Bex query and is working perfect in Bex Analyzer as well as in RSRT.
    Now we are trying to achieve the same thing in BO webI. We created an Universe using Authentication Mode SSO. We are on BOXI 3.1 and implemented SSO. When we try to run the query in WebI we get the error
       "A database error occured. The database error text is: Error in MDDataSetBW.GetCellData..(WS 10901)"
    Just for testing purpose, when we use query filter in WebI and use Values from List, it is showing only the authorized value it supposed to show and runs well with that value selected. But we have to achieve this without the query filter in WebI.
    So are we missing some thing here or any patch issue? Please share if you have done this type of reports in BO.
    Thanks in advance for your help.
    Moorthy.

    Yes I did run MDXTEST and it gives error as 'you do not have sufficient authorization'. The reason it is giving, I guess and we are debugging that to confirm, is first it looks for 0BI_ALL and throws error which is not the case in Bex. See the following trace in RSRT trace.
    InfoObject Properties Defined
    Reading of Directly Assigned Authorizations
    Direct Assignment Does Not Include Universal Authorization 0BI_ALL
    Reading the Indirect Assignments with Authorization Object S_RS_AUTH
    Does user have OBI_ALL?
    No, the User Does Not Have Universal Authorizion 0BI_ALL
    Negative Entry in SU53 Result of Failed Check for 0BI_ALL
    Indirect assignments found; no universal authorization
    Reduction of Authorization Dimensions on Characteristics in InfoProvider
    Reduction Successful
    Thanks!
    Moorthy

  • Variable screen/variant screen authorization issue

    HI All,
    We have implemented standard Cost Center Overview Report(0SR_C02_Q0002) in BI 7.
    We have three selection fields:
    1.Company Code which is mandatory
    2.My controlling Area which is also mandatory
    3.Costcenter which is not mandatory
    The requirement we are facing over here is that in the Variable screen/variant screen when I enter a company code, then I need to display dynamically only those "My Controlling Area" values which are assigned to that particular company code and not all. In the same way after selecting the appropriate "My controlling area" value, I need to display only those cost centers in the cost center selection field which are assigned to the selected company code and My controlling area combination and not all.
    can anyone guide me on how to go about on this authorization issue at the variable screen itself.
    Please treat this issue/requirement on high priority.
    Appreciated in advance.
    Regards,
    raps.

    Hi,
    I think that an alternative to solve your concern could be using Web Application Designer (WAD).  In this respect, there are several design options, with different levels of complexity.
    As the simplest alternative, you could create a WAD including your query and three Dropdown Boxes: one for Company, a second for Controlling area and another for Cost center.  The four mentioned elements should be linked to the same dataprovider so, when you select a company, the options in the other two Dropdown boxes and the information in the query are updated.
    In order to enforce mandatory filter selection at Company and Controlling area level, you should set NO_REMOVE_FILTER='X' in both two Dropdown boxes, so that "All values" option -which would mean no filtering- is not offered.
    I hope this helps you.
    Regards,
    Maximiliano

Maybe you are looking for