Restrict report execution based on Organization st...

Former Member · ‎09-10-2008

Hi,

I wrote a program to output employee details. The user who runs the report should be able to see the employee details of his/her group only(based on the Organization structure - could be Organization based or position based).

Will the security be able to accomplish this task just based on the tcode without me coding anything in the program? If yes, please let me know the steps in brief.

Thanks in advance

Vamsi

Former Member · ‎09-10-2008

Hi Vamsi ,

What i understand is that, running a t-code would trigger your program to run in the background and output the employee details of the users who has the same organization structure as that of the user who is executing the report.

In order to accomplish this,the program must be coded for checking the organizational structure of the user who is executing the report first before it moves on to identify the group members of the user executing the report.

Therefore, from security perspective you need to identify the authorisation object and the field which your program will check for determining the org. level value of the user who is executing the report and then based on that it should identify all the other users with similar values before generating the report.It has to be coded as security cannot take care of this on it's own.

Thanks,

Saby..

Former Member · ‎09-10-2008

Hi,

If the output is purely based in HR data, then I hope that the report is based on the logical database PNP or PNPCE - this will ensure that the relevant auth checks would apply.

Your security team would have to ensure that the correct auths are assigned for infotypes and the PD profiles would have to cater for the org structure restrictions.

Regards

Restrict report execution based on Organization structure