Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HR tables nightmare

Former Member

‎06-26-2010 4:07 PM

0 Kudos

Hi Friends/Experts,

This is really a silly question from my "Global security implementation Project"

An issue came up:

How do we access the infotypes in a role , list the infotypes with description for that role

Now this is what I did

1. SE16 - AGR-1251 gives the ouput , filtered by keyword infty and infoty got the list

2. pulled all the infotyes being used in the HR system with its description

3. wrote a lookup to get the infotype and its description specific to that role

Now the fun part is :

the AGR-1251 does not expand the ranges for infotypes having from(LOW) and to(HIGH) value

so i missed out on many infotypes in range, manual entry is not an acceptable path or solution.

Simple question with no answer available so far is

how do you expand the From and to value to get all the infotypes in range in the role?

example below(part of AGR_1251) the low and high column is what I am talking about

FIELD LOW HIGH MODIFIED DELETED COPIED NEU NODE

INFTY 105 G O 47

INFTY 167 171 G O 47

INFTY 194 195 G O 47

INFTY 207 210 G O 47

INFTY 377 378 G O 47

My input is what you entered in role is what you get, anyone with a different approach or idea

2 REPLIES 2

Former Member

‎06-26-2010 8:09 PM

0 Kudos

The best people to analyse HR authorizations in my opinion are those who understand the data and config. There are a lot of options... so try to work closely together with them otherwise it will be futile.

A little example is P_PERNR. Finding an infotype or range of this can go in all directions and overrides other authorizations. Avoiding ranges is generally good advise anywhere in SAP security....

The executive summary in this case is in the function module HR_READ_INFOTYPE's code if you want to read it...

Cheers,

Julius

Frank_Buchholz
Advisor
Advisor

‎07-07-2010 2:40 PM

0 Kudos

A first step: Use SE16 for table T777T and use the data from AGR_1251 to fill the select option for field INFTY. Enter the single values and pattern into the single value tab and the interval into the select range tab.

If you want to get the subtypes, too, then you have to develop a custom program which reads T777T and T777U because you have to check INFTY and SUBTY for eavery authorization in the role independantly.

Kind regards

Frank Buchholz