on 05-13-2014 7:09 PM
Dear Experts,
we are facing an unexpected behaviour on cProjects: project user cannot edit (confirm) their assigned tasks, because the authorizations at the task level for user appear as Read (authorizations view on task), while on the project definition, for the same tasks the user is assigned Write permissions. Something must be happening in between that we are not getting right.
More details on the configuration behind and the process:
- In Project definition level, project roles (coming from a project template) are staffed to users (business partners)
- Project roles coming from project template are assigned to a project role type with Default authorization set as Read. Because we want all project users to be able to access in read mode to the whole project and tasks; and then be able to edit (Confirm) only their assigned tasks. Except for the project manager role, who has a different project role type assigned wih Admin default authorization set
- After making the staffing at project level, this seems to be working fine: all project users have read access assigned at project structure level and rest of tasks, except the project manager who has Admin authorization. And for each task, the user assigned to the task has write permissions.
- But when a user open the task from the tasks dashboard, and go to the Authorizations tab, then the user has Read permission for the same task, which causes the consequence of not being able to Edit and Confirm.
Can you guide us to understand why the Write authorization is being overriden to Read at user access? Should not the default authorization “read” at project role type be overwritten by the assignment of the user to the task?
Maybe is there other configuration setting that is missing or needs to be checked?
Many thanks in advance,
Roberto
We opened an issue to SAP an they indicated to implement note
1791030 - Task dashboard: Incorrect authorizations,
that solved the problem
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Roberto,
Can you please check whether authorisation of the task assigned to user is 'Inherited from the project/phase' or it is empty.
It should be empty, since write access is provided exclusively to the task through staffing.
Sometimes this issue may be due to HR personnel number & user id linkage to business partner is wrong.
Check whether the user accessing the task is correctly linked to the business partner staffed.
Regards,
Ravi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for your reply, Ravi.
It depends on how you open the task:
- If open the whole project structure from My Projects (or user navigating from task dashboard to project and then operational project button), at the project task level, the authiorization assigned to user is Write and is not inherited from project. The rest of users have their authorizations inherited from project element. So, as suppossed to be
- But, if open the task just from clicking from Task Dashboard, the authorization assigned for user is Read, and inherited from project element, no difference with the rest of users
We are not using HR integrated with PPM, we use Business Partners created with General Business Partner roles and then Employee role, where we assign the SAP user, in Employee Data. I have noticed Personal Number Box is filled with 0 for users, ¿maybe is this the reason? I am going to check anyway,
thanks, Roberto
Hi Roberto,
It's ok if you do not maintain the personnel number since this is required when we do CATS integration.
I have few basic questions to understand your problem better. Can you please clarify.
1) Can you clarify the last sentence in the below paragraph. How did you give write access - Manually in ACL-Authorisations tab or through selection of responsible role/person in basic tab.
- After making the staffing at project level, this seems to be working fine: all project users have read access assigned at project structure level and rest of tasks, except the project manager who has Admin authorization. And for each task, the user assigned to the task has write permissions.
2) Whether the task accessed by the user is in 'Released' status?
Regards,
Ravi
Thanks Ravi, I answer your questions:
1) How did you give write access? - Manually in ACL-Authorisations tab or through selection of responsible role/person in basic tab.
2) Whether the task accessed by the user is in 'Released' status?
The only possible workaround we have found to solve the issue is to assign Write authorizations to all users, but at project level. So the consequence is that users can edit all the project tasks (not only their assigned tasks) and we want to avoid that. We want users to have read access to whole project and write access to their assigned tasks (by staffinf Users to roles)
thanks again for help.
best regards,
Roberto
Hi Roberto,
Thanks for your reply.
There are two ways of getting write authorisation for a task and tasks display in the task dashboard.
1) After assigning the task with resource in the task tab of the project role (Here role is staffed already).
2) No task is assigned to the project role but the role is staffed and responsible role & resource is selected in the structure-->task-->general tab
In your case, you are using the first option and I would recommend to try the second option.
And also try to replace the role type 'read' authorisation with 'none' & try the above 2 options also to check whether any issue is there with read authorisation.
And as a last option, you can manually delete the user in authorisation tab of the task assigned, which will delete write authorisation and inherit read from the project. Save the project and again change manually to write authorisation from read and save it.
Please try this & let us know.
Regards,
Ravi
User | Count |
---|---|
9 | |
7 | |
3 | |
2 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.