Problem RSECADMIN BI 7.0

Former Member · ‎02-16-2010

Hi all,

I created one role in PFCG and it works fine, then I made an object authorization in RSECADMIN with the next characteristics:

0TCAACTVT

0TCAIPROV

0TCAKYFNM

0TCAVALID

0MATERIAL EQ 764286

So the user only must be access to material 764286,

but when we test the user in RSECADMIN we can run all the queries and all the materials, when we must not have access to all queries neither all materials, we tried to generate the error logs but appears empty.

If I run the user in RRMX we only see the queries that has access this user, but we can see all the materials when that's incorrect because we limited in the RSECADMIN.

It's like a strange behaviour of the transaction RSECADMIN,

Does anybody know if the basis needs to turn on some component to fix this problem or to fix the transaction or what we need to do?

Thanks a lot.

Regards

Former Member · ‎02-16-2010

To start with are those infoobjects set as auth relevant?

Former Member · ‎02-17-2010

Hi,

>>we can run all the queries

you can restrict the queries using S_RS_COMP & S_RS_COMP1 auth objects in your PFCG role.

>>all materials

Cross check in RSD1, whether 0MATERIAL is auth. relevant char. or not.

Former Member · ‎02-17-2010

Hi,

Yes all the infoobjects that we use in the object at RSECADMIN have the flag of authorization relevant, and in the role we have the object S_RS_COMP & S_RS_COMP1 are limited just by one query if we run the user in rrmx or rsrt1 it works fine but if we run the test in RSECADMIN we have permission to run all the queries.

Thanks a lot

Regards

dannysprangers2 · ‎02-18-2010

If 0material is not on the selection screen nor available in rows or columns there will be no check on restricting the figures. So put 0material somewhere in the query and use a variable of type authorisation and the query will be restricted.