cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization check acts 'weird' when using pre-query

m_verbaan2
Active Participant

on ‎09-09-2008 3:04 PM

0 Kudos

Dear,

We have the following situation in our BI7.0 system with new Analysis Authorization concept:

1. User is authorized for Plant 0010 only

2. When running a query + entering value 0010 for Plant-variable everything works fine

3. When entering value 0020 the query ends with message 'No applicable data found' where we would expect message 'Not authorized'

Reason is that the query has a variable of type 'Replacement path' which in fact is a pre-query that runs first to fetch all relevant Delivery numbers.

This pre-query fails in the background (visible in RSECADMIN trace), returns no Delivery numbers so the main query ends with 'No applicable data found'.

On the one hand this is logical but is there any way to push the authorization check result (i.e. 'No authorization') through to the main query results?

Many thx!

Marco

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

m_verbaan2
Active Participant
‎09-10-2008 8:27 AM
0 Kudos

Thank you both for your replies.

Both the pre-query as well as the main query use the same variable (type authorization) on 0PLANT. The check works fine on the pre-query according to the trace-log, but acts differently on the main-query (as described above).

So any more hints are welcome, cheers.

Grtx

Marco

Show replies
Show replies
Former Member
‎09-12-2008 6:18 AM
0 Kudos

Hi Marco,

Qoute from your steps

"1. User is authorized for Plant 0010 only

2. When running a query + entering value 0010 for Plant-variable everything works fine

3. When entering value 0020 the query ends with message 'No applicable data found' where we would expect message 'Not authorized'

Reason is that the query has a variable of type 'Replacement path' which in fact is a pre-query that runs first to fetch all relevant Delivery numbers."

this sounds as if you use 0plant variable A in your pre-query, then the main query uses variable B (replacement type ) to receive the 0plant value from pre-query. if this is the case what about not using variable B (replacement type) but just the same variable A in both pre and main queries?

unless you replacement variable is used for delivery numbers.

cheers.

m_verbaan2
Active Participant
‎09-17-2008 10:54 AM
0 Kudos

Thanks but no, both main and pre-query use same variable. Indeed replacement variable is used to fetch delivery numbers only.

We investigated further and found that the pre-query gives a 'No authorization' and the main query does not. This is due to the merger (also known as 'melting') of both variable-screens.

We solved the issue by using a new variable (type auth.) for the pre-query but used property 'No input', hence the merger won't impact the outcome in an unexpected manner.

Grtx

Marco

Former Member
‎09-10-2008 7:31 AM
0 Kudos

Hi Marco,

Restrict 0plant in the main query as well and you should get message not authorized ..i guess even before the prequery executes.

Hope that helps.

Regards

Mr Kapadia

Show replies
Show replies
Former Member
‎09-10-2008 3:54 AM
0 Kudos

Hi Marco,

Interesting, if the 0PLANT has authorisation-relevant set in the propeties tab of 0PLANT, and both pre and main query use 0PLANT, then the authorisation restriction should pass through. does your main query uses 0PLANT in the filter section?

cheers.

Show replies
Show replies
Ask a Question