Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CATS Variant Issue

Former Member

‎04-03-2009 2:46 PM

0 Kudos

All,

We are currently trying to implement CATS. The question I have is we are trying to restrict the timesheets creators and editors to just be able to create/edit their own timesheets. I know there is a variant $USER but I can't find it again to mirror it. Is there a table to view all the variables and what they are too? Or is there a better way to restrict this to only the user?

Thanks!

-Daniel

11 REPLIES 11

sdipanjan
Active Contributor

‎04-03-2009 6:39 PM

0 Kudos

Hi,

May be it would be helpful if you can be more descriptive. As fer as I understood, can you please check the Table: USVAR

Regards,

Dipanjan

Former Member

‎04-05-2009 8:56 AM

0 Kudos

Look at the description of the P_ORGIN and other P objects in SU24 and in the SAP Help files.

Than you will find where and how to use the $USER value so HR tasks definded in the object are specific to only (or not) being able on ONW user data!

Former Member

‎04-06-2009 12:09 PM

0 Kudos

Hi William,

This will be something you do in HR time customising. P_ORGXX and P_ORGIN is the object you need to give with the correct value in PERNR.

The data entry profile for this needs to be setup. You can have a look at it in SPRO->CA-> TImesheet >Time Recording> Setup data entry profile.

Best Wishes,

CP

Former Member

‎04-06-2009 12:13 PM

0 Kudos

P_PERNR is the object to be used here for personal number check.

Former Member

‎04-06-2009 2:06 PM

0 Kudos

After looking into the suggestions that were given I have came to the conclusions that a variable will probably not work due to it will populate the all the roles with that auth obj in it and we are not wanting to do that. With that said, I was looking into all of the P_ objects that have been brought in which are P_ORGIN, P_PCLX & P_PERNER and I am not seeing where you can restrict to just a user or even a field that would ever suggest that it is possible? Is there another auth obj that I am missing that should be there?

Would there possibly be another way to make it so the user that is assigned this role can only put time in for their self and no one else. That the whole issue I think we are trying to solve before we can move forward? If anyone has any suggestions please let me know.

Thanks,

-Daniel

Former Member
In response to Former Member

‎04-06-2009 8:19 PM

0 Kudos

Yes, theres one more thing i forgot in the setup of data entry profiles. There is an authorization group.

Every data entry profile has an authorization profile associated to it. Can you please confirm if you are using a data entry profile on the CAT2 initial screen?

Former Member
In response to Former Member

‎04-06-2009 9:08 PM

0 Kudos

I think some have been created but I still don't see how creating that relates to P_PERNR? Will this end up being a Employee Group or Subgroup that we can put in as a authorization in the auth objs? I'm not sure if I am following how this is supposed to tie together with the roles and auth values?

Thanks,

Former Member
In response to Former Member

‎04-07-2009 8:11 AM

0 Kudos

When the timesheet data entry profile is setup, there is a screen for person selection, in that there is an option "Enter for several Persons", if that is not selected the person cant enter for someone other than himself. Now only thing is this has to be in sync with an authorization group. All non administrator profile must be in the same authorization group. Once you use the P_PERNR object with this authorization group the data entry profile itself wont allow a person to go to someone else's profile as the backend customisation dosent allow you to do that.

Former Member
In response to Former Member

‎04-08-2009 3:42 PM

0 Kudos

I think I understand about creating the profiles and putting users within the profiles and not checking the box. My next question is how do you get the profiles to sync up to the P_PERNR. I ask this because to be I don't see where you would put this object. There are four objects to define and they are:

Authorization Level

Infotype

Interpretation of assigned personnel number

Subtype

I am not seeing anything there that relates to the profiles or users or even groups to restrict.

Thanks for all your help.

-Daniel

Former Member
In response to Former Member

‎04-08-2009 3:47 PM

0 Kudos

I think if you put a parameter in SU01 PER with a value of the employee number in the user ID. It will work. Also you need to make sure infotype 105 subtype 1 is maintained with the correct user id.

I think that should work it out for you.

sandi_ward2
Explorer
In response to Former Member

‎04-09-2009 12:18 AM

0 Kudos

The Data entry profiles can be contriolled via authorisation groups set upin the IMG (under CATS Authorisations). There is docuemntation there in the IMG for this.

They are checked via the 'dummy' infotype 0316 and the subtypes of this infotype are the profile authorisation groups which you created in the IMG.

Edited by: Sandi Ward on Apr 9, 2009 1:26 AM