How to Enable Authorization on Navigational Attribute · 2019. 11. 12. · How to Enable...
Transcript of How to Enable Authorization on Navigational Attribute · 2019. 11. 12. · How to Enable...
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 1
How to Enable Authorization on
Navigational Attribute
Applies to:
SAP BI or product release (release 701, level 0004, SAP EHP 1 for SAP Net Weaver 7.0).
For more information, visit the For more information, visit the EDW homepage.
Summary
This document will provide information regarding implementing Authorization relevance on Navigational Attribute. Also it contains the information regarding analysis Authorization and role maintenance etc.
Author: Ravikanth Indurthi
Company: Intelligroup an NTT Data Company.
Created on: 1 December 2010
Author Bio
Ravikanth.Indurthi has been working in various technologies in SAP BI. He is mainly responsible for implementing SAP BI/BO projects and has worked extensively on SAP BI Modeling and SAP BO reporting.
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 2
Table of Contents
Introduction ......................................................................................................................................................... 3
Objective ............................................................................................................................................................. 3
Steps: How to Enable Authorization Relevant on a Navigation Attribute ........................................................... 4 Enable Authorization Relevant at Infobject level .......................................................................................................... 4
Enabling navigational attribute at Info provider level: ................................................................................................... 4
Role Maintenance ........................................................................................................................................................ 5
Assigning role to USER: .............................................................................................................................................. 6
Creation of Authorization Variable: .............................................................................................................................. 6
Check the Report with End User’s ID: .......................................................................................................................... 7
Check the Report with Developer’s ID: ........................................................................................................................ 9
Related Content ................................................................................................................................................ 11
Disclaimer and Liability Notice .......................................................................................................................... 12
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 3
Introduction
It is known that we can create Authorization variable on Infoobject and restrict the data for the users. But if we do not have the required infoobject in the data target and available as attribute then also we can restrict the data using the attribute.
In this document it will be demonstrated steps to create the authorization variable on navigational Attribute.
Objective
Initially we need to enable authorization relevance for Navigational attribute at Infoobject level.
Here Customer is the Infoobject and Branch & Distribution channels are its navigational attributes.
To restrict the data with respect to Brach and distribution channels, authorization relevance has to be created and assign to the respective users assigned to that Branch/Distribution channels.
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 4
Steps: How to Enable Authorization Relevant on a Navigation Attribute
Enable Authorization Relevant at Infobject level
Enable Authorization Relevant check box in the relevant Infobject for the required Navigational Attribute.
Enabling navigational attribute at Info provider level:
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 5
Role Maintenance
There will basically two Logins:
1. Developer ID (ZADMINBI): Used to create authorizations and assign end users
2. End User ID (TEST_2PROLE): Used to check the reports based on their respective branches / Distribution Channels.
Create a role and maintain Authorization object Role Maintenance with Developer ID (ZADMINBI) and the T-Code is RSECAUTH (Analysis Authorization)
After Enabling the Authorization relevance at infoobject level, those objects can be visible
Authorization restricted:
Select the Branch Navigation attribute and restrict the values B0001 & B002.
Similarly the distribution channels are also restricted with values GT & MT.
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 6
Assigning role to USER:
Assign the same Authorization role to USER (TEST_2PROLE): (T-code RSECADMIN)
Creation of Authorization Variable:
Create the query with authorization relevant variable on the Branch navigational Attribute
Variable represents: Multiple single values, Optional and ready for input.
Similarly create authorization variable on Distribution channel Navigational Attribute.
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 7
Check the Report with End User’s ID:
Log in to User ID: TEST_2PROLE
RSRT Transaction, give the Query name: (YTEST_AUTH_OBJ)
Values for Branch and Distribution Channel in variable Selection Screen:
Here only restricted values are seen in the variable input screen.
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 8
In the report filters restriction is clearly visible.
Report Output:
Output can be visible only for the restricted Branches and Distribution channels
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 9
Check the Report with Developer’s ID:
All the Branches are visible in the variable entry screen:
All the Distribution Channels are visible in the variable entry screen:
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 10
Enter all the values in the variable screen:
Report output with all Branches and Distribution channels:
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 11
Related Content
Analysis Authorizations
Management of Analysis Authorizations
The New SAP NetWeaver BI Analysis Authorizations
How to Enable Authorization on Navigational Attribute
SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com
© 2010 SAP AG 12
Disclaimer and Liability Notice
This document may discuss sample coding or other information that does not include SAP official interfaces and therefore is not supported by SAP. Changes made based on this information are not supported and can be overwritten during an upgrade.
SAP will not be held liable for any damages caused by using or misusing the information, code or methods suggested in this document, and anyone using these methods does so at his/her own risk.
SAP offers no guarantees and assumes no responsibility or liability of any type with respect to the content of this technical article or code sample, including any liability resulting from incompatibility between the content within this document and the materials and services offered by SAP. You agree that you will not hold, or seek to hold, SAP responsible or liable with respect to the content of this document.