cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Restrict View of quotation only by its creator and not to all users

former_member650819
Participant

on ‎05-29-2014 10:55 AM

0 Kudos

Hi,

There is a team of Marketing users who are responsible to send Quotations to Customers for Sales Inquiry.

One Marketing User is sending quotation to his generated lead/Customer. Similarly another user is also sending a quotation to his own generated lead/ customer.

Now, after the quotations are sent, while pulling a report, all marketing users are able to view every Quotation sent to different customers created by different users in one screen.

We don't want one marketing user to view another marketing user's quotation, since there is a possibility of information leakage (Sale Price-Quote) due to which we are loosing customers. Somebody from marketing team is leaking the information to competitors.

Kindly suggest a way to control this problem.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (5)

Answers (5)

Jelena
Active Contributor
‎05-29-2014 10:11 PM
0 Kudos

This is relatively easy to do in a report but would be difficult to apply in all the SAP standard transactions. E.g. there are actually many points of entry into the transactions from, say, a report or another transaction (document flow would be a good example). And there are likely no user exits available in all the possible places. So potentially we're talking about implementing multiple enhancements and significant testing effort. Don't forget that you'd need to update the roles, etc.

Quite frankly though this idea seems rather paranoid and the management would be wiser to contact a law enforcement agency instead. And try hiring better people and treating them well to avoid such issues going forward.

Show replies
Show replies
former_member650819
Participant
‎05-30-2014 5:25 AM
0 Kudos

Thanks for your reply. I agree for what you are saying. However, we are not going to give any access to any report and any other transaction to view the Quotations except one T Code. And we will restrict the user there.

Hope this will help.

Off course, we have to consult a Law Enforcement team, but for that we need to catch the culprit. We cannot catch the person until we have the system in place.

former_member650819
Participant
‎05-29-2014 1:18 PM
0 Kudos

Can we create User Exit which will verify the User Login ID at the time of entering the screen and the User who has created the Quotation, and if this matches then only the system allows the User to view that particular Quotation.

Please advice.

Show replies
Show replies
Lakshmipathi
Active Contributor
‎05-29-2014 11:21 AM
0 Kudos

If the marketing team is operating only with few members, then you can consider having different document type for quotations and by having different document type, you can very well control accessing others' quotation, via authorization object V_VBAK_AAT.  On the other hand, if the marketing team users are huge, then obviously, you cannot have different document types for each individual.  In that case, go with user exit where you need to validate User ID

G. Lakshmipathi

Show replies
Show replies
siva_vasireddy2
Active Contributor
‎05-29-2014 11:13 AM
0 Kudos

Hi,

if you are using a z Report to see all the Quotations ,you can ask your ABAPER to write a logic where the Report need to check the system User and the Quotation created User while Displaying the Documents

Show replies
Show replies
moazzam_ali
Active Contributor
‎05-29-2014 11:02 AM
0 Kudos

Hi Nabin

Are you talking about only in report or do you want to control this in VA23/VA22 transactions as well? If you restrict this in report users could watch this in display quotation transaction.

And also let me know which report you are talking about? Share the Tcodes please. If this is standard one then its better to remove that from user's role and create your own report. Use authority check object in that report and give access to every user so that they can view their own quotations.

Search the google with authorization check coding. Create an authorization object with ERNAM field and give every user name in every user's role. If this is confusing for you, you could seek help from your technical guys.

Thank$

Show replies
Show replies
former_member650819
Participant
‎05-29-2014 11:10 AM
0 Kudos

Not only report, anywhere, it should not be possible to view any quotation which is created by another person.

Say for example, I want to view a quotation and I go to a T Code for display of quotations. I can display only my quotation which means one person can view only his quotations.


This will ensure Data Protection.

moazzam_ali
Active Contributor
‎05-29-2014 11:59 AM
0 Kudos

Hi

How many users do you have which you want to restrict for viewing other's quotations? We dont have anything in standard other than what Lakshmipathi sir has already suggested you. In ABAP I have a solution but for that you need an ABAPER. You have to add your coding in one screen to restrict it. Userexits don't work in display Tcode i.e. VA03, VA23 and VA33 etc. For this you have to add authority check coding in screen using some enhancement.

Thank$

Ask a Question