cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

DMS - locked status / how to limit security access

Go to solution
Former Member

on ‎05-08-2008 4:00 PM

0 Kudos

I have a couple issues with a security profile (customer service) we have defined for DMS. This profile is set up that when the document info record is in a "released" status, the customer service person has edit (CV02N) access. When in an "on hold" status, the customer service person does not have edit (CV02N) access. Further, the "Released" status is a "locked" status.

1) The Object links appears to be open for edit, regardless of whether or not we have the status "locked".

Also, the deletion indicator can be changed when in locked status. I am looking for all fields to be locked except for the status field. Customer Service should only be able to change status from "released" to "on hold", and should not be able to change anything else. Any suggestions on how to do this?.

2) The intention is that the customer service person can use CV02N to change a document from "released" status to "on hold". This is the ONLY change customer service should be able to make. However, once the status changes from "released" to "on hold", it seems there is an authorization check missing..... meaning now the customer service person is in "on hold" status and they should not be able to edit anything, but apparently they still have the CV02N access from the "released" status, and they can now also change any other fields, update object links and attachments before they save the document. What am I missing?

Any help would be greatly appreciated!!

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎05-09-2008 11:45 AM
0 Kudos

Hi,

I think this can be controlled by providing engineering change number.

In the document status you have to check indicator 'change number'. Once the Drg is released it should have change number. This number is only KEY for control other network status. Also you have to assigne signaure strategy to customer ofter "ON HOLD" for cotroling 'CV02'

this will confusion but u carfully glance this is worthfull.

rgds

Ben

Show replies
Show replies

Answers (2)

Answers (2)

Former Member
‎05-09-2008 10:03 PM
0 Kudos

Hello,

I have C_DRAD_OBJ set to 03 - Display, so I am not sure why I can still add/change/delete object links...

Also I do not understand how to assign signature strategy to customer ofter "ON HOLD" for cotroling 'CV02' ?

thanks,

Heidi

Show replies
Show replies
Former Member
‎05-12-2008 12:38 PM
0 Kudos

Hi

May be auth obj C_DRAD_OBJ as been passed to user by some other role.

You can try to find out which role this object belongs using Tcode: SUIM

This is Basis TCode..

Contact your basis person for more information.

Niranjan

Award points if useful....

Former Member
‎05-09-2008 5:00 AM
0 Kudos

Hi,

U can use following authorization objects to resrticts the document access

1.C_DRAD_OBJ - Create/Change/Display/Delete Objec

here in activity field dont check delete, change option, so that user can not change, delete existing object links

2. C_DRAW_TCD - Authorization for document activit

here in activity field dont check delete option, so that user can not mark DIR for deletion.

award points if useful

Regards

sham

Show replies
Show replies
christoph_hopf
Advisor
Advisor
‎05-09-2008 8:03 AM
0 Kudos

Hi,

please see the following link to the SDN WIKI where you find information on all available DMS authorization objects: https://www.sdn.sap.com/irj/sdn/wiki?path=/display/plm/caDMS-AuthorizationObjects

However object C_DRAD_OBJ should be suitable for controlling object link activities.

Best regards,

Christoph

P.S.: Please reward points for useful information

Ask a Question