01-17-2011 8:04 PM
Hi All,
How do I secure PA0001 table by Personal Area?
Usually Personal Area is defined by the data element PERSA, but in case of PA0001 table it is using WERKS. usually WERKS is a data element for Plant which is used in many other auth objects.
Can anyone please tell me if there is any way to secure PA0001 table by Personal Area?
01-17-2011 8:32 PM
Well, if you are talking about PA0001 access via infoset queries, I believe you can adjust the infoset and put additional auth checks on P ORGIN which would restrict access via PERSA. I am thinking about STABU_LIN but I doubt it will be helpful in your case.
Alternately, you may consider creating custom view for the table and assigning a custom auth group(or anything other than PA)
to it in SE54. Then you can give your users access to that view using Parameter transaction and have auth check for P_ORGIN included as well,
along with S_TABU_DIS.
Thanks
Sandipan
01-17-2011 9:04 PM
Thanks for your reply. Actually i need to restrict only the table.
okay.. Let me put it this way..
We have created a crystal report which looks for PA0001 table access.. I want to restrict the access based on Personal Area.
How should I go about this? Do i need to create a field called WERKS(Personal Area) and include this in the custom object?
01-18-2011 9:07 PM
If I understand correctly, you are having a custom report created which picks up data from PA0001 table and you want the report to pick up only certain entries from the table which is pertaining to a personnel area that the user is authorized to.
In that case, you can have a auth check included in the custom report on P_ORGIN (or P_ORGINCON) along with S_TABU_DIS, so that PERSA that your user is authorized is picked up and only those are passed as input to PA0001 to fetch relevant data. Or if user has a option to specify PERSA in selection screen of your report, auth check is made first on P_ORGIN to check if user has authorization to that PERSA or not and then fetch data from the table accordingly.
Thanks
Sandipan