Individual COst center restriction in BI

Former Member · ‎09-11-2008

My company is also looking for restricting access to cost center specific & we have implemented a solution using Listcube tcode, let me explain the steps.

1. The Analysis auth obj (AA) contains ZCC_AUTH info object which is given aggregated values.

2. this AA is inserted into the role & then assigned to the user.

3. The User assigned to a specific Cost center is inserted into the ODS table.

4. Then the Listcube tcode is run for the infoprovider, which assigns the costcenter to the user Id.

5. When User runs the BI query the assigned cost center values only is retrieved from the database.

But i feel this is has disadvantages

1. Every time a new user is created, the ODS table as to be updated with this info & list cube as to be generated or if a user changes the Cost center then we once again have to update the ODS table & regenerate using the List cube.

Now i would like to know the solution w.r.t user customer Exit with variables

1. when is the customer exit is trigerred -

a. when the query executed by the user is run or when the auth check is done for cost center in the AA object?

2. How to determine inside a query which info object are being checked, i know in RSECADMIN the trace shows which auth objects have been checked - but seeing a query i need to know which auth obejcts have been used for retreiving data.

your suggestions are really helpfull for me to debug this issue we are facing.

Thanks a lot in advance.

regards

Naveen Murthy

former_member248712 · ‎09-12-2008

1. when is the customer exit is trigerred -
a. when the query executed by the user is run or when the auth check is done for cost center in the AA object?

Ok here's the thing. You are looking at two things that are in sequence. You opted for the System to check for InfoObject (here CC). In order to get that info the system triggers the Customer Exit. So to your question, the Cus Exit is triggered when the query is excuted. And based on the info in the Customer Exit the system check for the Cost Center Access.

 2. How to determine inside a query which info object are being checked, i know in RSECADMIN the trace shows which auth objects have been checked - but seeing a query i need to know which auth obejcts have been used for retreiving data.

I doubt if that info is available in the query, since queries are build based on InfoObjects and not auth objects.

AB

Former Member · ‎09-12-2008

Hi AB

Can i know the exact reason why the Customer Exit is triggered?

i think the trigger happens like below - correct me if i am wrong.

User runs the Query -> Query tries retrieving data for Cost center from the custom AA -> Custom AA contains the Variable $ZCost (inplace of auth relevant made infoobject) -> this $ZCost then triggers the customer exit -> customer exit returns the cost center value from User's master record -> this cost center value is then placed in place of $Zcost -> then the query runs further to fetch data from the database fallling under the user's cost center.

regards

Naveen murthy

former_member248712 · ‎09-12-2008

Can i know the exact reason why the Customer Exit is triggered?

Because a Customer Exit variable was put in the Query during a query design.

The rest is OK except that

Custom AA contains the Variable $ZCost (inplace of auth relevant made infoobject) ->

Custom AA contain the Variable $ZCost under auth relevant made infoobject, that means your query includes the auth relevant made infoobject and the variable.

AB