cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Role Authorization Vs ACL in cProjects

Former Member

on ‎12-12-2008 2:50 AM

0 Kudos

We do not want to use ACL (Authorization at the Project level) to grant authorization. We are looking for a way to have this authorization by roles. Not too sure if the minutest of details can be controlled by authorization objects.

Of the few requirements that we have, one goes as follows:

1. We need a role of "Resource Manager" to be able to view all projects. However, this role must not be able to edit the project structure. This is possible. However, another requirement that we have is that this role must have all "admin" level access at the "Resources" level. Which means, this role must be able to staff roles and assign tasks to roles and resources, but must have read-only access to the project structure.

Can this be done?

2. Another requirement is with regard to status management. We want a role to have the authorization to set only select statusses. We have a combination of standard and custom stasusses in the status profile that we are using. We look to control the access for roles by which one role can only set a few of these statusses.

Can this be done?

Thanks and Regards...

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎02-18-2009 3:21 PM
0 Kudos

Hi Peter,

We have exactly the same need, and unfortunately everything is not solved yet.

1/ In standard, there is no distinction between project and role authorizations. This means you need 'admin' auth at project level if you want to manage the roles. We created an OSS message for this, and SAP answer was to create a development request --> Until then, and if we get a positive answer, nothing can be done to separate project & role authorizations. So there is no solution today.

2/ For the statuses, we add to enhance class CL_DPR_STATUS_MANAGEMENT, methods GET_PERMITTED_USER_STATUS and/or GET_PERMITTED_ACTIVITIES. Thanks to this, we are now able to filter the status list that is populated in the screen.

Regards,

Matthias

Show replies
Show replies
Former Member
‎06-01-2009 10:46 AM
0 Kudos

Hi Matthias,

We are looking for Authorizations like you need, Separate between Role and Project Elements

Did you get any positive from SAP

Also is it possible to change users access dynamically using Statuses of Project

Niranjan

Former Member
‎06-13-2011 9:59 AM
0 Kudos

Hi Matthias,

We are looking for the same king of authorization restrictions for out new cprojects , could you please let me know if you have received any feed back from SAP for your OSS message if yes, could you please share it with me?

Regards

Goli

mariano_sabiche
Active Participant
‎06-13-2011 2:41 PM
0 Kudos

Hi Thirupathi;

Please, open a new thread with your question.

Best regards,

Mariano

Former Member
‎02-17-2009 10:48 PM
0 Kudos

hi wt is the transaction of XRPM or ACL in SAP WAS

Show replies
Show replies
Former Member
‎12-15-2008 4:15 AM
0 Kudos

hi,

my suggestion is u create customized roles and give authorizationas per your requirement.

go to tcode pfcg, here u can create role. and u can add authorization objects also.

e.g i have created role Z_RESOURCE_CPROJECTS

select authorization tab, and then click on chnage authorization data.

evn u can add standard roles under this role.

Thanks

Amit

note: award points for useful answer.

Show replies
Show replies
Ask a Question