Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Retail security - WOTB2 restriction

Go to solution
jabella
Employee
Employee

‎03-19-2012 6:18 PM

0 Kudos

Hi all,

We are implementing the security in the SAP Retail solution.

We have transaction WOTB2 that needs to be restricted. According to transaction SU24, we have the possibility to do it by Purchasing group. Although the object M_BEST_EKG is set accordingly, the object is not checked during the execution of the transaction.

Has anyone experienced this issue? Are we missing a configuration?

Regards, Jose.

1 ACCEPTED SOLUTION

Go to solution
mvoros
Active Contributor

‎03-19-2012 10:46 PM

0 Kudos

Hi,

it seems like the authorization check is not implemented for WOTB2. The structure of this transaction is bit more complex. It works with class CL_WRF_PBAS_WORKBENCH but it actually works with subclasses inherited from this class (classic example of polymorphism). For transaction WOTB2 it should be class CL_WRF_POTB_WORKBENCH_CTR. Here you can see that method CHECK_AUTHORIZATION is empty. If this is true then you have two options: raise a message with SAP why it does not perform any authorization check. The second solution is to talk with developers and they can implement that method using enhancement framework. It might not work if SAP does not call this method at all. It does not have any parameters, so it seems to me that SAP did not finish development.

Cheers

1 REPLY 1

Go to solution
mvoros
Active Contributor

‎03-19-2012 10:46 PM

0 Kudos

Hi,

it seems like the authorization check is not implemented for WOTB2. The structure of this transaction is bit more complex. It works with class CL_WRF_PBAS_WORKBENCH but it actually works with subclasses inherited from this class (classic example of polymorphism). For transaction WOTB2 it should be class CL_WRF_POTB_WORKBENCH_CTR. Here you can see that method CHECK_AUTHORIZATION is empty. If this is true then you have two options: raise a message with SAP why it does not perform any authorization check. The second solution is to talk with developers and they can implement that method using enhancement framework. It might not work if SAP does not call this method at all. It does not have any parameters, so it seems to me that SAP did not finish development.

Cheers