Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RRMX Authority check

srilakshmi_s2
Participant

‎09-19-2009 8:08 PM

0 Kudos

hi,

There are two SAP BW systems , one with component SAP_BW SAPKW70017 (say B1) , and other one with SAP_BW component SAPKW70103 ( say B2)

In B2 , When a user executes RRMX , it takes them to the Business explorer(excel sheet) , however it throws a message in the GUI that "No authorization to change role <role>

Message no. S#423"

This message is received as soon as you get the excel sheet opened .

When further looked into the situation , seems like in B2 , the follwing select statement is executed ,( as soon as u execute RRMX)for checking the change access for all the users "assigned roles" ( I wonder why all roles?) with the object S_USER_AGr and throws the message when there is no 02 activity for any of the roles present with the user .

SELECT agr_name FROM agr_users INTO l_agr_name WHERE uname = sy-uname.

CALL FUNCTION 'PRGN_AUTH_ACTIVITY_GROUP' -

> "this further throws the message"

EXPORTING

activity_group = l_agr_name

action_change = 'X'

EXCEPTIONS

not_authorized = 12

OTHERS = 13.

IF sy-subrc = 0.

e_s_system_info-can_change_pfcg_roles = rs_c_true.

Whereas in B1 (old release) no such message is thrown for the same user . seems there is no such change activity check in the begining?( not too sure) and only when the user clicks the Role option in Query dialog , S_USER_AGR is checked as per the ST01 trace.

Is this a bug in SAP_BW 701 release ? If so , do you the SAP notes for correcting the same ?please reply at the earliest .Thanks in advance

3 REPLIES 3

Former Member

‎09-19-2009 9:13 PM

0 Kudos

Some customers have S_USER_GRP actvt '02' in production environments for the RRMX "key" users who publish queries to be able to add them to the menu for the users. A change in authorization data might not be required, typically.

But this "change" authority gives more access than just the menu, and the user will need other authorizations for S_USER_TCD and VAL as well.

It has been replaced by the BEXWeb, which you should take a look into.

As SAP "owns" the authority-checks in their programs, they seemed to have felt it appropriate to add the same check to RRMX for "key" users.

> Is this a bug in SAP_BW 701 release ?

I don't think it is a bug in BW 7.01. Arguably they could have added it earlier.

There is an approach to control this via the sideinfo.dat file using the program ID of the query - but I guess few did that or even knew about it. It is not intuitive.

Cheers,

Julius

srilakshmi_s2
Participant
In response to Former Member

‎10-01-2009 12:54 AM

0 Kudos

Hi,

SNOTE 1174779 solved this issue .:)

Regards

Edited by: gsapsdn on Oct 1, 2009 1:55 AM

srilakshmi_s2
Participant

‎10-01-2009 1:11 AM

0 Kudos

Got answer from SAP