How to Enable Authorization on Navigational Attribute

Applies to:
SAP BI or product release (release 701, level 0004, SAP EHP 1 for SAP Net Weaver 7.0). For more information, visit the For more information, visit the EDW homepage.

Summary
This document will provide information regarding implementing Authorization relevance on Navigational Attribute. Also it contains the information regarding analysis Authorization and role maintenance etc. Author: Ravikanth Indurthi

Company: Intelligroup an NTT Data Company. Created on: 1 December 2010

Author Bio
Ravikanth.Indurthi has been working in various technologies in SAP BI. He is mainly responsible for implementing SAP BI/BO projects and has worked extensively on SAP BI Modeling and SAP BO reporting.

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 1

How to Enable Authorization on Navigational Attribute

Table of Contents
Introduction ......................................................................................................................................................... 3 Objective ............................................................................................................................................................. 3 Steps: How to Enable Authorization Relevant on a Navigation Attribute ........................................................... 4
Enable Authorization Relevant at Infobject level .......................................................................................................... 4 Enabling navigational attribute at Info provider level: ................................................................................................... 4 Role Maintenance ........................................................................................................................................................ 5 Assigning role to USER: .............................................................................................................................................. 6 Creation of Authorization Variable: .............................................................................................................................. 6 Check the Report with End Users ID: .......................................................................................................................... 7 Check the Report with Developers ID: ........................................................................................................................ 9

Related Content ................................................................................................................................................ 11 Disclaimer and Liability Notice .......................................................................................................................... 12

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 2

How to Enable Authorization on Navigational Attribute

Introduction
It is known that we can create Authorization variable on Infoobject and restrict the data for the users. But if we do not have the required infoobject in the data target and available as attribute then also we can restrict the data using the attribute. In this document it will be demonstrated steps to create the authorization variable on navigational Attribute.

Objective
Initially we need to enable authorization relevance for Navigational attribute at Infoobject level. Here Customer is the Infoobject and Branch & Distribution channels are its navigational attributes. To restrict the data with respect to Brach and distribution channels, authorization relevance has to be created and assign to the respective users assigned to that Branch/Distribution channels.

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 3

How to Enable Authorization on Navigational Attribute

Steps: How to Enable Authorization Relevant on a Navigation Attribute

Enable Authorization Relevant at Infobject level Enable Authorization Relevant check box in the relevant Infobject for the required Navigational Attribute .

Enabling navigational attribute at Info provider level:

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 4

How to Enable Authorization on Navigational Attribute

Role Maintenance There will basically two Logins: 1. Developer ID (ZADMINBI): Used to create authorizations and assign end users 2. End User ID (TEST_2PROLE): Used to check the reports based on their respective branches / Distribution Channels. Create a role and maintain Authorization object Role Maintenance with Developer ID (ZADMINBI) and the TCode is RSECAUTH (Analysis Authorization) After Enabling the Authorization relevance at infoobject level, those objects can be visible

Authorization restricted: Select the Branch Navigation attribute and restrict the values B0001 & B002. Similarly the distribution channels are also restricted with values GT & MT.

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 5

How to Enable Authorization on Navigational Attribute

Assigning role to USER: Assign the same Authorization role to USER (TEST_2PROLE): (T-code RSECADMIN)

Creation of Authorization Variable: Create the query with authorization relevant variable on the Branch navigational Attribute Variable represents: Multiple single values, Optional and ready for input.

Similarly create authorization variable on Distribution channel Navigational Attribute.

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 6

How to Enable Authorization on Navigational Attribute

Check the Report with End Users ID: Log in to User ID: TEST_2PROLE RSRT Transaction, give the Query name: (YTEST_AUTH_OBJ)

Values for Branch and Distribution Channel in variable Selection Screen: Here only restricted values are seen in the variable input screen.

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 7

How to Enable Authorization on Navigational Attribute

In the report filters restriction is clearly visible.

Report Output: Output can be visible only for the restricted Branches and Distribution channels

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 8

How to Enable Authorization on Navigational Attribute

Check the Report with Developers ID: All the Branches are visible in the variable entry screen:

All the Distribution Channels are visible in the variable entry screen:

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 9

How to Enable Authorization on Navigational Attribute

Enter all the values in the variable screen:

Report output with all Branches and Distribution channels:

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 10

How to Enable Authorization on Navigational Attribute

Related Content
Analysis Authorizations Management of Analysis Authorizations The New SAP NetWeaver BI Analysis Authorizations

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 11

How to Enable Authorization on Navigational Attribute

Disclaimer and Liability Notice

This document may discuss sample coding or other information that does not include SAP official interfaces and therefore is not supported by SAP. Changes made based on this information are not supported and can be overwritten during an upgrade. SAP will not be held liable for any damages caused by using or misusing the information, code or methods suggested in this document, and anyone using these methods does so at his/her own risk. SAP offers no guarantees and assumes no responsibility or liability of any type with respect to the content of this technical article or code sample, including any liability resulting from incompatibility between the content within this document and the materials and services offered by SAP. You agree that you will not hold, or seek to hold, SAP responsible or liable with respect to the content of this document.

SAP COMMUNITY NETWORK 2010 SAP AG

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com 12