cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

MII TRX Create Text File in /WEB while Admin or Regular User

Go to solution
former_member202228
Active Participant

on ‎06-17-2014 5:35 PM

0 Kudos

Hi gurus!

I have an MII Transaction querying a database then writing a CSV file with the data in the WEB folder.

How would the "write file" block should work taking into consideration the "security" settings in MII ?

Using the SAP_XMII_Admin or SAP_XMII_DEVELOPER role, the database gets queried and the file created.

Using the SAP_XMII_USER & SAP_XMII_DynamicQuery roles, the database gets queried but the file does NOT get created.

I'm  triggering the transaction from a webpage using a link with "/XMII/Runner?Transaction=...", with different users, having the different roles configuration for testing.

While for the Query template I can assign rights and user security, for the transaction itself I can't. Please help!

MII is V14.0 SP4 Patch 0 (Nov 22, 2013).

Paul.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member202228
Active Participant
‎06-17-2014 6:50 PM
0 Kudos

Looks like I forgot the "transaction" security settings. All the credits go to Sam Castro for his patience with annoying MII users!

Show replies
Show replies
salvatore_castro
Advisor
Advisor
‎06-17-2014 7:17 PM
0 Kudos

No problem Paul, it's an easy one to miss as our security team has done many reviews of the MII product and has required stricter enforcement of file creation security.  There is a UME action for the creation of files which you can assign to various roles if you don't want to use the standard MII roles or you can add your role to the Transaction -> Security -> Write Roles list to give permissions to the transaction to create the files.


Sam

former_member202228
Active Participant
‎06-23-2014 7:06 PM
0 Kudos

Hi Sam,

I updated all my transactions to have writer roles for SAP_XMII_User, and still not working ..

Do we need to bounce the MII server so that these settings are read?

Regards,

Paul.

former_member202228
Active Participant
‎06-23-2014 7:28 PM
0 Kudos

There are some errors in the Log Files .. see below:

bottom

bottom -1

bottom -2

bottom -3

Hopefully it helps.

I masked the server name to protect the innocent. I don't have access to the trace-files (Linux server, need to learn that first).

Paul.

former_member185280
Active Contributor
‎06-23-2014 7:54 PM
0 Kudos

The file system actions don't seem to be documented in the help so I don't know if they still apply but check if one of the roles assigned to your user has the XMII_FileSystem_RW ume action assigned to it.

http://www.google.com/cse?cx=013447253335410278659%3Ak8ob9ipscwg&ie=UTF-8&q=XMII_FileSystem_RW&oq=XM...

salvatore_castro
Advisor
Advisor
‎06-24-2014 12:13 PM
0 Kudos

The UME Actions for MII are documented in the Help (http://help.sap.com/mii) under:

Security Services -> User Management -> Actions for Permission

or you can go to the direct link here:

Actions for Permissions - SAP Manufacturing Integration and Intelligence - SAP Library

Sam

former_member185280
Active Contributor
‎06-24-2014 12:53 PM
0 Kudos

Sam,

The XMII_FileSystem_* actions are not on the list in the help documentation. Do you know if they are still applicable to the latest versions?

former_member202228
Active Participant
‎06-24-2014 8:24 PM
0 Kudos

Hi Christian,

I set up a new role and I found all the FileSystem actions there in the list. Not exactly sure what they're doing, but documenting is a little later step (Yay!).

I added the FileBrowser, FileSystem_RW and Workbench_Content ones, and right now the CSV file creation is working as long as the users have my role associated with their username.

It's still Ok, because I did not want to make everyone a developer or an admin and see extended content while logging in directly to MII UI, while these "rights" are practically impossible to test for regular users without the functionality offered by an admin menu or the workbench.

Regards,

Paul.

Answers (0)

Ask a Question