Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

BI Authorization issue

Go to solution
Former Member

‎09-27-2011 12:18 PM

0 Kudos

Hi Experts,

I have issue with BI authorizations.

I have created a analysis auth in which I have included below objects:

0TCAACTVT

0TCAIPROV

0TCAKYFNM

0TCAVALID

ZCUSNUM

ZDELDATE

ZMNUM

ZVNUM

and below is the rsecadmin log. Request you to kindy review it and let me know the solution.

Following Set Is Checked Comparison with Following Authorized Set Result Remaining Set

Characteristic Content in SQL Format

ZMNUM

0TCAACTVT

0TCAACTVT = '03'

AND ZMNUM LIKE *

Characteristic Content in SQL Format

0TCAACTVT I EQ 03

ZMNUM I EQ M006

Partially or Fully Authorized (Intersection) Characteristic Content in SQL Format

ZMNUM

0TCAACTVT

NOT ZMNUM = 'M006'

AND 0TCAACTVT = '03'

Value selection partially authorized. Check of remainder at end

Following Set Is Checked Comparison with Following Authorized Set Result Remaining Set

Characteristic Content in SQL Format

ZMNUM

0TCAACTVT

NOT ZMNUM = 'M006'

AND 0TCAACTVT = '03'

Characteristic Content in SQL Format

0TCAACTVT I EQ 03

ZMNUM I EQ M006

Not Authorized

All Authorizations Tested

Message EYE007: You do not have sufficient authorization

No Sufficient Authorization for This Subselection (SUBNR)

Following CHANMIDs Are Affected:

246 ( ZMNUM )

Authorization Check Complete

Thanks,

Raj

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎09-28-2011 6:32 AM

0 Kudos

Hi,

Seems like your user is running the query with no input for ZMNUM in the query and hence it is checking for a "*" value.

In the trace it shows part of authorization check for ZMNUM satisfied by value M006 (since it is covered by '' value ) but second part of authorization check which is ZMNUM= '' minus M006 (anything other than M006 which are covered by '*' value) is not authorized since user's analysis authorization just has value M006. Hence following the 'All or none' rule, authorization check on characteristic ZMNUM fails as a whole.

In case you want to give user access to all values of ZMNUM which are assigned in the user's Analysis authorization, please have your BI guys add an authorization type variable in the query for characteristics ZMNUM so as to automatically pickup the input values from user's assigned Analysis authorization.

Hope this helps!

Thanks,

Sandipan

Edited by: Sandipan Choudhury on Sep 28, 2011 11:03 AM

1 REPLY 1

Go to solution
Former Member

‎09-28-2011 6:32 AM

0 Kudos

Hi,

Seems like your user is running the query with no input for ZMNUM in the query and hence it is checking for a "*" value.

In the trace it shows part of authorization check for ZMNUM satisfied by value M006 (since it is covered by '' value ) but second part of authorization check which is ZMNUM= '' minus M006 (anything other than M006 which are covered by '*' value) is not authorized since user's analysis authorization just has value M006. Hence following the 'All or none' rule, authorization check on characteristic ZMNUM fails as a whole.

In case you want to give user access to all values of ZMNUM which are assigned in the user's Analysis authorization, please have your BI guys add an authorization type variable in the query for characteristics ZMNUM so as to automatically pickup the input values from user's assigned Analysis authorization.

Hope this helps!

Thanks,

Sandipan

Edited by: Sandipan Choudhury on Sep 28, 2011 11:03 AM