cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Lock Shopping Cart users based on their location

Go to solution
Former Member

on ‎03-25-2009 3:59 PM

0 Kudos

Hi All,

We want to restrict SRM user based on his location to creating shopping carts during A/P lock down time.

We decided to maintain a custom table,Screen and BADI in SRM that has lock/Release flag and give permission to A/P user.

My question is

1. how can we otherwise restrict SRM users in creating SCs during A/P lock out duration. Please suggest other alternatives to avoid custom development.

2. do we have any table in SRM to see users assignment to a location or is it in R/3 that we can replicate.

Please advise, Points awarded.

Thanks

Rao

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎03-25-2009 5:01 PM
0 Kudos

As it seems to be high frequency occurance, and Security needs to have full control over the process(rather than Org Management team) ,What I would suggest is that create a custom shell role per Location/Plant like : Z_location_5000. And assign this role to users based on the location. Once the such a situation arises Security can pull all users with that role. I am assuming there would be only handfull of locations.

Show replies
Show replies
Former Member
‎03-25-2009 6:14 PM
0 Kudos

Thanks Surya for the response. Although Security can lock the Role, FI team(A/P person) will need to control the lock/release process.

If there are 4 locations LOC1,LOC2,LOC3 and LOC4, and Account payable person should be able to control lock a specific location(for example LOC2), so that all the users from that location(LOC2) cannot create shopping cart.

Please suggest.

Regards,

Rao

Former Member
‎03-26-2009 3:15 PM
0 Kudos

There are three potential solutions choose one that fits you. I suggest the last(Previously suggested) as this will involve no developmenent and the process with zero maintenace.

a)You can manufacture a report which can be run by the FI person: The report will delete the Locations from the extended attribute during the lock time, and after the lock time they can run it again to keep the attributes back again.

b)Create ZAPLOCK Table with fields 1)APLOCK with values X, empty, 2)LOCATIONS with values LOC1, LOC2 etc,.Give the maintenace access to FI team.

In the DOC_CHECK_BADI check for this table and throw a message to the user that it is AP lock time, whatever.

c)As suggested previously create ZROLES, Once FI identifies lock time they can communicate to security to lock the users(NO developement needed). You cannot let FI team simply lock the users as this is a major Conflict of Seggregation of Duties. ANyway Security team wont let their duty go into FI Team

Former Member
‎03-27-2009 3:46 PM
0 Kudos

Thanks Surya,

BTW I have suggested option 2 with a small change. Instead of FI person running a report that deletes the location attributes of SRM users, I have suggested new ZAPLOC table in SRM, ZLOCS (Screen) and ZLOC(Tcode) given to FI users to pick and choose Locations and Lock/Un-Lock. So, basically Ztable,Zscreen and ZTcode that will be maintained by the FI user. I think we are on the same page. Thankyou very much for the response. BTW I am referencing your work at my current client.

Thank you very much

Rao

Answers (1)

Answers (1)

Former Member
‎03-26-2009 1:55 PM
0 Kudos

Hi

In the extended attributes in the location you can restrict the user .

Regards

Satish Gopal

Show replies
Show replies
Ask a Question