- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- Authorization to display Key Figures in a query in...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Authorization to display Key Figures in a query in BI
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-19-2010 10:08 PM
Hi,
I created the analysis authorization and assigne S_RS_COMP and S_RS_COMP1 has all or full values in sap bi.<br />
I am able to run and execute the query ad get the results too.
But the problem is, in query designer, under the key figures, the calculated and restricted key figures gives me a error message.
"Display not allowed".The BI developer wants to see the list of restricted and calculated key figures in the query.
I am not sure whether i have to check any other authorization object to display the key figures.
Thanks
Archana
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-20-2010 12:45 PM
Hello ,
You can use authorization object S_RS_COMP (Business Explorer - components) for granting access on different component for your developer, The authorization object has the fields: InfoArea, InfoCube, component type, component name and activity.
The following values are possible for the component type:
u2022 REP: Entire query
u2022 STR: Structure
u2022 CKF: Calculated key figure
u2022 RKF: Restricted key figure
If you want to restrict them on Calculated key figure or Restricted key figure please use CKF or RKF values for component type .
Hope this helps
DK
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-20-2010 4:08 AM
Hi,
The analysis authorization should be included in S_RS_AUTH. You can restrict upto InfoCube only under S_RS_COMP, and S_RS_COMP1 and not below that level. Any infoobject level restriction can be applied using analysis authorizations.
You may further directly assign the Analysis authorization from RSECADMIN, if you don't wish to give it from a PFCG role.
Rgds,
Raghu
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-20-2010 11:50 AM
Hi,
This can be easily found out the tcode RSA1. From SU24 you can easily find out the Authorization object proposals for RSA1.
Also in RSD1 you can check the Key figure related details. But keep in mind that Key Figures are not subject to be Authorization Relevant.
Regards,
Dipanjan
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-20-2010 12:45 PM
Hello ,
You can use authorization object S_RS_COMP (Business Explorer - components) for granting access on different component for your developer, The authorization object has the fields: InfoArea, InfoCube, component type, component name and activity.
The following values are possible for the component type:
u2022 REP: Entire query
u2022 STR: Structure
u2022 CKF: Calculated key figure
u2022 RKF: Restricted key figure
If you want to restrict them on Calculated key figure or Restricted key figure please use CKF or RKF values for component type .
Hope this helps
DK
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-20-2010 4:28 PM
Hi,
S_RS_COMP has all the values without any restriction for CKF, RKF, STR, etc..
My issue is that the BI developer is able to execute the query and get the results in the analyzer.
But in the Query Designer, the BI team will be able to see all the calculated and restricted key figures but i get a error message "display not allowed' even though S_RS_COMP has all the values.
I even added the 0TCAKYFNM in my authorization via RSECADMIN. But still not able to see the names of the restricted key figures.
Thanks
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2010 9:29 AM
Archana,
We first need to be clear about where you are coming up against the "display not allowed" error. Are you getting this authorization error while executing a report in Bex Analyzer / portal or in RSRT? In this case use the error analysis option in RSECADMIN to find the problem. In case the error is being caused not at the data security level but by standard SAP auth object values, it should show up in SU53.
S_RS_COMP / COMP1 are reporting authorization objects only i.e. these objects are checked during report execution only.
0TCAKYFNM is an infoobject which shall be used as part of an analysis authorization in case the business requirement is to place restrictions on key figure values that can be displayed to different sets of users. But please be aware that if 0TCAKYFNM is made authorization relevant (via RSD1), Every user needs to have authorization to 0TCAKYFNM with the relevant key figure values that he/she needs to see. So only make only make this info object authorization relevant if cannot avoid it.
Regards,
Prashant
- SAP Managed Tags:
- Security
