cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization archivelink repository create/view/delete own files SAP HR

Go to solution
Former Member

on ‎03-15-2013 10:26 AM

0 Kudos

Hello gurus,

I am facing a problem with the customer. We have implement a webdynpro that shows different pdf files of the employee.

Those files are stored in the archivelink repository, trough the transactions OAC2, OAC3, OAC0 and OAAD.

The webdynpro works properly in the PORTAL (frontend),  the problem is in the backend. We dont know how to resctrict the access of those files. There is only one departament that is allowed to view/create/delete all these files, but currently all the people who has access to the backend can view these files trough transaction PA20/PA30 ( SAP HCM transactions).

I have read this thread http://scn.sap.com/message/7597047

and the main idea here is that the authorization object  "S_WFAR_OBJ" allows you to create/view/delete files., but all the files. We want filter for each employee. A employee can view only his files.

Any clue, please?

Thank very much, have a nice day.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member188883
Active Contributor
‎03-17-2013 3:13 AM
0 Kudos

Hi Juan,

Some solution using screen exits have been shared in this thread https://scn.sap.com/thread/2034130

Additionally you should not allow PA20/PA30 access in the backend. It should be restricted to select people only. Also as you are able to control access in Portal, you may block this users from login into backend. This can be done by de-activating password field in SU01.

Hope this helps.

Regards,

Deepak Kor

Show replies
Show replies
Former Member
‎03-19-2013 9:36 AM
0 Kudos

Hi Deepak Kor,

The problem is that this kind of users should have access to PA20/PA30 because they work with infotypes directly in the beackend, an example could be the departament of "Medical Services". But they dont need to have access to the files attached to the infotypes. So, using transaction su01, and block the access in the backend is not the solution.

Any other clue. Thanks a lot.

Answers (0)

Ask a Question