Академический Документы
Профессиональный Документы
Культура Документы
Applies to:
SAP BI or product release (release 701, level 0004, SAP EHP 1 for SAP Net Weaver 7.0). For more information, visit the For more information, visit the EDW homepage.
Summary
This document will provide information regarding implementing Authorization relevance on Navigational Attribute. Also it contains the information regarding analysis Authorization and role maintenance etc. Author: Ravikanth Indurthi
Author Bio
Ravikanth.Indurthi has been working in various technologies in SAP BI. He is mainly responsible for implementing SAP BI/BO projects and has worked extensively on SAP BI Modeling and SAP BO reporting.
Table of Contents
Introduction ......................................................................................................................................................... 3 Objective ............................................................................................................................................................. 3 Steps: How to Enable Authorization Relevant on a Navigation Attribute ........................................................... 4
Enable Authorization Relevant at Infobject level .......................................................................................................... 4 Enabling navigational attribute at Info provider level: ................................................................................................... 4 Role Maintenance ........................................................................................................................................................ 5 Assigning role to USER: .............................................................................................................................................. 6 Creation of Authorization Variable: .............................................................................................................................. 6 Check the Report with End Users ID: .......................................................................................................................... 7 Check the Report with Developers ID: ........................................................................................................................ 9
Introduction
It is known that we can create Authorization variable on Infoobject and restrict the data for the users. But if we do not have the required infoobject in the data target and available as attribute then also we can restrict the data using the attribute. In this document it will be demonstrated steps to create the authorization variable on navigational Attribute.
Objective
Initially we need to enable authorization relevance for Navigational attribute at Infoobject level. Here Customer is the Infoobject and Branch & Distribution channels are its navigational attributes. To restrict the data with respect to Brach and distribution channels, authorization relevance has to be created and assign to the respective users assigned to that Branch/Distribution channels.
Role Maintenance There will basically two Logins: 1. Developer ID (ZADMINBI): Used to create authorizations and assign end users 2. End User ID (TEST_2PROLE): Used to check the reports based on their respective branches / Distribution Channels. Create a role and maintain Authorization object Role Maintenance with Developer ID (ZADMINBI) and the TCode is RSECAUTH (Analysis Authorization) After Enabling the Authorization relevance at infoobject level, those objects can be visible
Authorization restricted: Select the Branch Navigation attribute and restrict the values B0001 & B002. Similarly the distribution channels are also restricted with values GT & MT.
Assigning role to USER: Assign the same Authorization role to USER (TEST_2PROLE): (T-code RSECADMIN)
Creation of Authorization Variable: Create the query with authorization relevant variable on the Branch navigational Attribute Variable represents: Multiple single values, Optional and ready for input.
Check the Report with End Users ID: Log in to User ID: TEST_2PROLE RSRT Transaction, give the Query name: (YTEST_AUTH_OBJ)
Values for Branch and Distribution Channel in variable Selection Screen: Here only restricted values are seen in the variable input screen.
Report Output: Output can be visible only for the restricted Branches and Distribution channels
Check the Report with Developers ID: All the Branches are visible in the variable entry screen:
All the Distribution Channels are visible in the variable entry screen:
Related Content
Analysis Authorizations Management of Analysis Authorizations The New SAP NetWeaver BI Analysis Authorizations