Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Issues with tcodes SWDD and SWB_COND

former_member275658
Contributor
0 Kudos

Hi All,

I have to restrict the tcodes SWDD and SWB_COND to display only.

But I am unable to restrict the tcodes SWDD and SWB_COND to display only. When I try to test with the user it shows create, change, delete options as well. I checked that almost all the auth objects have been restricted to display only but the tcodes are not behaving per restriction.

Please advise.

Regard's

1 ACCEPTED SOLUTION

former_member275658
Contributor
0 Kudos

Hi Franklin,

I have only these auth objects in the role.

S_DATASET -> 33, A6

S_TABU_DIS -> 03

S_PROGRAM->VARIANT

S_WF_WI -> *

I tried with a test role and tested the tcodes with above auths. but still I am able to change, create, display.

I also tried by trial of deactivating each auth object and tested the tcodes. but no luck.

Is it a program inconsistancy error with these tcodes from SAP ?

9 REPLIES 9

Former Member
0 Kudos

This message was moderated.

Former Member
0 Kudos

User transaction SU24 and check on the following objects

PLOG

S_ADMI_FCD

S_ALV_LAYO

S_BDS_DS

S_CTS_ADMI

S_DATASET

S_DEVELOP

S_DOKU_AUT

S_GUI

S_OC_DOC

S_OC_ROLE

S_OC_SEND

S_PACKSTRU

S_PRO_AUTH

S_PROGRAM

S_RFC

S_SPO_DEV

S_TABU_CLI

S_TABU_DIS

S_TCODE

S_TRANSLAT

S_TRANSPRT

S_USER_AGR

S_USER_GRP

S_WF_WI

Make sure to check on S_dataset activity ( Read and Read with filter )

if your S_tabu_dis is enabled make sure to have authorization group defined and set table access to 03( Display )

check on S_oc_send also.

Make sure to protect all basis objects and developers objects like S_develop and S_program

Hope this helps.

former_member275658
Contributor
0 Kudos

Hi Franklin,

I have only these auth objects in the role.

S_DATASET -> 33, A6

S_TABU_DIS -> 03

S_PROGRAM->VARIANT

S_WF_WI -> *

I tried with a test role and tested the tcodes with above auths. but still I am able to change, create, display.

I also tried by trial of deactivating each auth object and tested the tcodes. but no luck.

Is it a program inconsistancy error with these tcodes from SAP ?

0 Kudos

Hi Can you paste all the tcodes/roles this test user has ?

also make sure to delete SAP_ALL and SAP_NEW from his profile.

In the meanwhile I will test it out on my Sandbox, and update a response

Hi Try this,

S_TABU_DIS -> 03

S_PROGRAM->VARIANT

S_WF_WI -> *

disable all three objects above and let me know what happens, check the user profile that he has only the test role and nothing else, put trace on and enable each object one at a time based on RC=04 to reach a point where you are able to succeed.

When I created the role, by default SAP has enabled only "s_dataset " object only.

Oki here is what I found after testing:

The buttons you are seeing Create/Change/Display do not have any authority object or authority field connected to them,

your goals can be achieved only through customization/Development activity.

Edited by: Franklin Jayasim on Jul 12, 2010 11:43 PM

Former Member
0 Kudos

This message was moderated.

martin_voros
Active Contributor
0 Kudos

Hi,

check if you don't need to apply note 982789. [Here|http://help.sap.com/saphelp_40b/helpdata/ru/8d/25fa06454311d189430000e829fbbd/content.htm] you can see a list of authorization objects related to workflow. You can also use standard approach of using ST01 to figure out what authorization checks are performed.

Cheers

Former Member
0 Kudos

Hi,

These transactions are not for display (Maintian)

SWDD - Workflow Builder

SWB_COND - Maintain Start Conditions

Regards,

Shrinivasan. KV

Former Member
0 Kudos

Salman,

I agree with shrinivasan. You can give a display access to task by using the tcode: PFTC_DIS.

Thanks,

Sri

former_member275658
Contributor
0 Kudos

Thanks All for giving time on this issue.