on 05-28-2014 4:54 PM
Hello experts, we are having the following issue:
The user who created a portfolio item, and has Admin authorization assigned, cannot delete the item. The following message appears:
"User xx is not authorized for the activity DELETE of object 1xxxxx"
It seems to be something related with authorizations, but on SU53 the only authorization object that appears is ACP_SUPER, which we understand is a super user authorization and we should not assign to final users
The related Portfolio management system roles assigned to user are:
Do we need to assign authorizations for activities in ACO_SUPER object? (we don't think so)
Is any other role or authorization missing?
thanks in advance for the help
Roberto
Hi Roberto,
ACL inheritance works as follows.
Creator gets ADMIN by default for the object and the child objects. It means that if a user has created a portfolio he should have ADMIN for all the objects below it as you are assuming.
But with whatever inputs you have given here i assume you have changed the ACL of the user at the BUCKET level to CREATE+WRITE which gives him only CHANGE authority for the child objects and not DELETE. Because in this case ACL at BUCKET level takes precedence.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Saurabh,
so I understand that for a user to be able to delete an item/initiative (in general any object inside a bucket) the user must be also Admin at least for the bucket in which the object was created.
That being an Admin for an item / initiative does not allow you to delete the item / initiative, you need to be admin for the bucket in which it was created.
We will assign a role with Admin ACL at bucket level to the proper users, so far we had only given them Create + Write.
thanks, Roberto
Additonally you may also want to check if there are any enhancements which might be restricting this. You can check if you have enhanced the authorizations using /RPM/AUTHORIZATIONS BADI.
Thanks and Regards
Saurabh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Roberto,
I am also facing this issue. I have raised a ticket with SAP, waiting for a reply.
What I observer is if a user has admin auth at bucket level then he is able to delete. But if he has only read and create(item) auth at bucket level then he gets the error.
Regards,
Anuradha
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Roberto,
Please check with your technical team , it seems to be a Custom Enhancement in the webdynpro component for displaying this error message.
Thanks,
Rabi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
10 | |
5 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.