Variable filled Authorizations

Similar Messages

• Variables in Authorizations

  Hello Gurus,
         I hope you can help me with a problem. We use BI7 and at the moment we have 3 authorisation relevent objects Sales Office, Cost Centre and Sold To. We load this data via spreadsheets for each user, some will have a * and some will have restrictions based on values (certain Sold To's or Sales Offices etc. However, we would like to introduce a new authorisation object called Ship To. There is a one to many relationship between Sold To and Ship To held in a table called ZCUST_SLS. So, instead of creating another spreadsheet for Ship To and loading this, I would like to explore using a variable to determine Ship To's from the Sold To using a customer exit variable in RSECADMIN.
            I know that the variable will be of the format $<variable_name> and will be created in CMOD using enhancement RSR00001 for the necessary coding, but what I would like to know is how do I reference the Sold To for this user to be able to determine its relavent Ship To.
  For example
  User DJONES
  Current Authorisations
  Sales Office *
  Sold To 1234567
  Cost centre *
  I would like to add a new Auth object called Ship To using a customer exit variable which uses abap code to look up the table ZCUST_SLS to determine the Sold To's,
  many thanks

  HI,
  Authorizations with Variables
  Definition
  Instead of using a single value or interval, you can also use variables of type customer exit in authorizations. The customer exit is called for these variables while the authorization check is running. The call is carried out with I_STEP = 0. The intervals of characteristic values or hierarchies for which the user is authorized can be returned here. By doing this, the maintenance effort for authorizations and profiles may be considerably reduced.
  Every cost center manager should only be allowed to evaluate data for his/her cost center. Within the SAP authorization standard, a role or a profile with the authorization for the InfoObject 0COSTCENTER equal to u2018XXXXu2019 (XXXX stands for the particular cost center) would have to be made for every cost center manager X. This has to be entered in the user master data for the cost center manager. In organizations where cost centers change on a regular basis, this involves significant administrative effort.
  Using a variable reduces the authorization maintenance workload with the InfoObject 0COSTCENTER equal to u2018$VARCOSTu2019, as well as with the role or the profile, which is maintained for all cost center managers. The value of the variable u2018VARCOSTu2019 is then set for runtime during the authorization check by the CUSTOMER-EXIT u2018RSR00001u2019.
  Maintaining the authorizations restricts the entries for the values to the length of the existing InfoObject. It is possible, however, to use both limits of the interval. In the example 0COSTCENTER with 4 spaces, the variable u2018VARCOSTu2019 is, therefore, entered as u2018$VARu2019 u2013 u2018COSTu2019.
  Use
  Exit variables can be entered beginning with $. If there is a variable value in both the lower and the upper limit, the two are combined as subnames of an overall variable in authorization processing. Intervals are not corrected automatically by the system if an error was found during the check. You get an error message and can analyze the error yourself.
  There is a buffer for these variables. If this buffer is switched on, the customer exit is only called up once for a variable with the authorization check. In doing so, you avoid calling up the customer exit for variables over and over, as well as decreasing performance. If you want to call up the customer exit each time, you have to deactivate this buffer in the maintenance of analysis authorizations. To do this, in the main menu, choose Extras ® Buffering Variables ® Deactivate.
  You can also call up the customer exit for authorizations for hierarchies.
  Enter the variables of type hierarchy node into an authorization. To do this, in the hierarchy authorization maintenance, under Node, choose a variable with  Select Exit Variable. The customer exit is then called up while the authorization check is running. In the return table E_T_RANGE, the technical name of one or more nodes is expected in the LOW fields. In the HIGH field, the InfoObject type of the node is expected.
  Tarak

• Derivation from variable type authorization in exit

  Hi Experts,
  I have got a query with two variables "AUTH" type authorization and "DERI" which should be derivate from "AUTH".
  "DERI" is type Exit.
  my problem, in the exit "AUTH" is not in i_t_var_range. Where do I get the value of "AUTH" from, to use it in the exit logic?
  Thanks for your help
  Pierre

  I Peter
  I needed to make the same thing.
  Did you found a solution?
  Best regards
  Joã

• Variable filled by SAP

  I have a requirement to develop a variable for a report. This variable is filled by SAP Customer Exit.
  To find customer exit: Go to cmod, type   BEXVAR, pick components radio button and display. Click on green button next to 'Function Exit'.
  Double click on INCLUDE ZXRSRU01, in this include we need to write a were cluase under a CASE I_VNAM.
  Variable requirement:
  Go get all Plant Names that are not like [virtual].
  Can you send me sample code some thing like that? What table do I need to read to get this criteria?

  >>because there are some other input variables in the query
  I hope you have used "Processing type as customer exit" in the query.
  Best Regards
  Imran

• Variables with Authorization as Processing type ...

  Hi Gurus, I also wanted to see if we have any good example for this kind of variable?
  I also have a question. If we have Authorizations on 0ORGUNIT and 0EMPLOYEE. The users will be able to see only what they are supposed to see. Now what is the use of a variable that is built on this chareacteristics with processing type "Authorization"? Since they already are restricted to see the data?

  Consider this example:
  Every cost center manager should only be allowed to evaluate data for his/her cost center. Within the SAP authorization standard, a role or a profile with the authorization for the InfoObject 0COSTCENTER equal to ‘XXXX’ (XXXX stands for the particular cost center) would have to be made for every cost center manager X. This has to be entered in the user master data for the cost center manager. In organizations where cost centers change on a regular basis, this involves significant administrative effort.
  Using a variable reduces the authorization maintenance workload with the InfoObject 0COSTCENTER equal to ‘$VARCOST’, as well as with the role or the profile, which is maintained for all cost center managers. The value of the variable ‘VARCOST’ is then set for runtime during the authorization check by the CUSTOMER-EXIT ‘RSR00001’.
  Maintaining the authorizations restricts the entries for the values to the length of the existing InfoObject. It is possible, however, to use both limits of the interval. In the example 0COSTCENTER with 4 spaces, the variable ‘VARCOST’ is, therefore, entered as ‘$VAR’ – ‘COST’.
  refer:
  http://help.sap.com/saphelp_nw04s/helpdata/en/91/a62c42fb6fdd2ce10000000a1550b0/frameset.htm for more details

• Bps variable by authorization

  Dear Friends,
  I can tell a bps variable value is authorization-derived.
  How can  I know straightaway what is the authorization / object tied to this so that I can check / set the  authorization?
  Please can you give me some hints.
  regards
  H.C

  <FONT FACE = "Tahoma", Font Color = "Blue">
  Hi<br>
  In BW 3.x, you can even go to t-code SU01, Enter User ID (whose authorizations have to checked) and press the Display button at top to see User Profile.<br>
  In the next screen, you can navigate to different tabs like roles, profiles etc to get more details. If you double click on any role, system will display the specifics of that role.
  <br><br>
  Hope it helps.<br>
  Cheers Abhijit</FONT><FONT FACE = "Verdana", Font Color = "Red">
  Please assign Reward Points if I deserve them in your opinion
  </FONT>

• BPS Attribute as Variable filled with User-Exit

  Hello,
  how is it possible to set a variable from the type "attribute" in BPS with an User-Exit?
  Example: Characteristic = Material, Attribute = Material class
  How can I set valid entries for Material class in a User-Exit?
  Thanks for help in advance
  Eckhard

  Eckhard,
  You can solve this by using characteristic relationship type exit. there you can put a function where you can find the values for the attribute material class.
  greets,
  Jeroen

• Creating variable with the user Authorization in BEx

  Hi gurus,
  i want to create a variable with user authorization in BEx. Can any one please tell me the steps to create the variable for authorization.
  Thanks in advance
  sandy

  Hi,
  Please take a look and refer the section Use of Variable filled Authorizations(User Exit)
  Advanced Features of SAP BW Reporting Authorizations
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/1b439590-0201-0010-ea8e-cba686f21f06
  Hope this helps.
  Cheers,
  Gimmo

• How to restrict multiple executions of a report by same user

  During month end closing user execute multiple sessions of the same report. In order to improve system performance want to put restriction on such executions espcially for system exhaustive reports. So user can execute report second time once first job is over.
  In background this can be done but how to achive this for foreground jobs. Kindly resolve.
  thanks
  anya

  Hi Eileen,
  Please go through these threads
  Reporting authorization
  Authorisation Variable
  Creation of variable in BEx from user authorization
  Authorization variable
  Variable filled Authorizations
  Khaja

• Variable value to be populated based on user authorization

  Hi all,
  I want to have a variable with single value on plant.
  when the user executes the report, value of the variable has to be populated automatically based on the authorization of the login user and it has to show the output without displaying the selection screen.
  Kindly guide me of, what type of variable to create and to proceed.
  Thanks.
  I

  Hi
  Restriction Plant from user authorization can be achieved by the following steps
  1. Plant infoobject should be authorization relevant.
  2. make authorization object including plant and restrict to the plant u needed and assign the profile to the user
  3. in BEX create variable of authorization type on plant. this variable will get the default values for the plant from the user authorization on the selection screen of the query.
  4. if you dont want to display the variable on the selection screen then remove the chek box in variable that " variable is not ready for input"
  thanks
  radhika

• Webi  Bypassing BEx Authorization Variable with SAP Exit

  BEx query has Hierarchy Node Variable with Authorization as processing type. Its set as User Input ready
  When the Webi report is refreshed, the LoVs appear as per the Authorization. However, if user doesn't select any value (pushes from right to left in variable screen) he gets NOT_AUTHORIZED error. Which is not intended, it should check the authorization in the background via SAP exit and populate the result. This is how it runs inBEx query.
  However, in Webi it's giving NOT_AUTHORIZED error? This is how the product is designed to work or is it a bug.
  I see several forum threads and SAP KBAs/notes but they are not answering my question. Could anyone please help.
  I am ready to provide more details on this error.
  Thanks,
  Tilak

  Hi,
  this is how authorization variable would work in any of the clients and not just Web Intelligence.
  You created an authorization variable which is configured as "read for input", so the user is getting prompted.
  So In Web Intelligence the LoV shows up.
  if the user does not select a value, then you are not sending a value, so you basically asking for all data and you are not allowed to see all data and therefore you are getting the message "no authorization".
  if you are making authorization variables as ready for input then the user needs to select the proper values - regardless of the BI tool.
  if you want the authorization to be check in the background then the authorization variable should be configured to not have ready for input.
  regards
  Ingo Hilgefort

• Creation of variable in BEx from user authorization

  Hi gurus,
     i want to create a variable with user authorization in BEx. Can any one please tell me the steps to create the variable for authorization.
  Thanks in advance
  sandy

  Hi,
  You will get a better and quicker answer if you post this in the BI forums.
  Eddy
  PS.
  Put yourself on the SDN world map (http://sdn.idizaai.be/sdn_world/sdn_world.html) and earn 25 points.
  Spread the wor(l)d!

• Authorization Variable message

  Guru assistance requested.
  I am testing two separate "test user ID's" for authorization relevant objects.
  Objects are Division / Sales Organization / Plant.
  Test user 1 is functioning correctly.
  Test user 2 is triggering a message when I logon to BEx and choose my query.
  Message dialog box reads:
  "!" Value if variable ZPLNT_XXXX is automatically converted.
  I can not eleminate this message from occuring.
  Test User 1 has authorization restrictions on "Divisions and Plants"
  Test User 2 has authorization reswtrictions on "Sales Organizations and Plants"
  I am not receiving any message with Test User 1 and connot explain the reason behind the above
  information message.
  Any ideas.
  Authorization variables are identical for all three objects and both Test Users have authority to the
  roles with each infoprovider.
  Thanks....Dan

  Sachin,
  I went into Query Designer again and looked at my variables:
  All authority  variables are identical in character definition:
  General Tab: Type of Value = Characteristic Value
  General Tab: Processing by Authorization
  Detail Tab: Multiple Single Values
  Detail Tabl: Variable is Optional ..... ready for input field is "blank"
  This  is my query filter:
  Selection:
  Filter on Variables 0DIVISION / 0CURTYPE / 0PLANT / 0SALESORG / 0FISCPER.
  0CURTYPE is defined for B0 on the COPA InfoProvider.
  All others are Selections are user elected variable options.
  The Authorization variable is a restriction I placed on the "Default Value" of characteristic objects
  0DIVISION / 0PLANT / 0SALESORG
  (So as not to display the object).
  As the user .... I logon to BW.
  Navigate BEx Analyzer >>  Open Query: Choose Query Name then "open"
  At this point the dialog box appears  -- below I select my filter options.
  Dialog box reads:
  There are messages:
  Type" !"  ..... Description: Value if variable ZPLNT_XXXX (my variable name) is automatically converted.
  If the query is the issue .... I would think that this message would appear for both test users.
  Not just User#2.
  Also of note ... I have never seen this message below, but then, I am now just beginning to test
  user "authority variables" over  authorization relevant objects.
  Ant other thoughts.
  Thank you ..... Dan

• BOR - fill buffer variables

  Hello!
  Is there any FM or class which I can use to fill all buffer variables of a specified business object (perhaps by using the BOR-key as importing parameter)? The implementation of a BOR-method requires the values in the buffer variables in order to check generic conditions based on the buffer variables!
  My idea was to access the attributes by swc_get(_table)_property to get the buffer variables filled:
  DATA: lo_bor_info TYPE REF TO CL_SBMIG_BOR_TYPEINFO,
        ls_typeinfo TYPE SBMIG_BOR_TYPEINFO,
        ls_verb     TYPE swotlv.
  FIELD-SYMBOLS: <lfs_attribute> TYPE any,
                 <lfs_attr_tab>  TYPE table.
  CREATE OBJECT lo_bor_info
    EXPORTING
      p_objecttype            = 'ZBUS2078'
    EXCEPTIONS
      objecttype_not_existing = 1
      OTHERS                  = 2.
  IF sy-subrc IS INITIAL.
    CALL METHOD lo_bor_info->get_typeinfo
      receiving
        p_typeinfo     = ls_typeinfo
      EXCEPTIONS
        typeinfo_error = 1
        others         = 2.
    IF sy-subrc IS INITIAL.
      LOOP AT ls_typeinfo-verbs INTO ls_verb WHERE verbtype = 'A'
                                                                 AND       attrtype <> 'S'.
        IF ls_verb-tabelem IS INITIAL.
          SWC_GET_PROPERTY self ls_verb-verb *<lfs_attribute>*.
        ELSE.
          SWC_GET_TABLE_PROPERTY self ls_verb-verb *<lfs_attr_tab>*.
        ENDIF.
      ENDLOOP.
    ENDIF.
  ENDIF.
  Unfortunately I don't know how to use field-symbols (how to assign them) or references in order to ensure a generic code.
  Thanks for any hint!
  Greetings
  Wolfgang
  Edited by: Mike Pokraka on Feb 17, 2009 2:47 PM - Added code tags, please use them as it makes code more readable

  Thanks for your reply!
  The requirement is the following:
  There is a workflow-task which sends e-mails to specified receivers. In order to select the mail-receivers I access the program stack (more detailed, the buffer variables) in a FM which is called from my BOR method, e.g. if (ZBUS2078)OBJECT-OBJECTPARTCODE (which is a custom virtual attribute based on QMFE-OTEIL) has value X, a e-mail is sent to receiver Y. (Working with this procedure the selection of receivers is independent from the base program - it is very generic.)
  For that reason I need to ensure that the buffer variable OBJECT-OBJECTPARTCODE is filled in the BOR-Program ZBUS2078. Debugging my workflow I found out that this is not the case until now! I would like to get all attributes of the BOR buffered, which can be reached by first accessing the attributes (swc_get_property).
  Greetings
  Wolfgang

• Authorization Variable not prefilling on RRI jump

  Hi,
  I have an Authorization Variable which prefills according to the users authorized values - this works fine in all instance EXCEPT when I jump from another query.
  Has anyone seen this before?
  Anybody know why?
  What is the function which prefills the variable?
  The jump goes to a web analyzer session. The session works fine if I just execute the jump query - but as soon as the url contains passed variables the authorization variable does not prefill.
  eg. http://sldn1450dap:6777/sap/bw/BEx?SAP-LANGUAGE=EN&CMD=LDOC&INFOCUBE=H3FST_M_M&QUERY=QFCMM_AD0060_V2_JMP - works fine, variable prefills
  http://sldn1450dap:6777/sap/bw/BEx?SAP-LANGUAGE=EN&CMD=LDOC&INFOCUBE=H3FST_M_M&QUERY=QFCMM_AD0060_V2_JMP&VAR_NAME=8BBS_ID&VAR_VALUE=43RUCKR22P5SIA2LJXEE2XJBN - variable does not prefill
  Desperate to sort this one out. 2 days to release deadline and spending days on this.
  Regards
  Neville

  Hi Neville,
  First query also has the same authorization variable?
  if yes it should work.
  Otherwise add the same object and variable in the first query also.
  Regards,
  Vijay.