03-15-2011 8:58 PM
Hi all,
I`ve been able to use authorization objects to restrict projects based on person responsible in CJ20N (C_PRPS_VNR and C_PROJ_VNR). I expected these same authorization objects to restrict the same access (allow users to view projects only if they have access to 'person responsible') for reports related to project systems. It is however not working.
Examples of the reports that I am using are:
S_ALR_87013555: Project Results
S_ALR_87013611: Cost Centers: Actual/Plan/Variance
What authorization objects would be used to restrict access to certain projects in reports based on person responsible?
Thanks,
03-16-2011 12:38 AM
Those reports are using logical DB PSJ so those check should be there. If you run ST01 what do you get?
Cheers
03-16-2011 12:38 AM
Those reports are using logical DB PSJ so those check should be there. If you run ST01 what do you get?
Cheers
03-16-2011 5:38 PM
Hi Martin,
I ran ST01 and it looks like the authorization checks are taking place and done correctly.
For example, the authorization object C_PRPS_VNR is checking that PS_VERNR = 1 for that user, but this user is set for PS_VERNR = 3, thus it is returning RC=4, which is as expected. This means that it should reject the user from access to the project in this report (S_ALR_87013534). However the report is still showing up. What can be the problem?
03-17-2011 12:51 AM
Turns out another authorization object was letting the project be read. Used ST01 to diagnose this. It was very helpful.