This blog has been translated with Google Translate. the original blog can be found here: ekessler.de
As part of the authorization check for Reporting's permission relevant values, among other things with the help of exit variables can be determined. It happens that the requirements of the business require that to be included in the determination of the values within the exit implementation of the report in which the data should be displayed. That if user A, he should look at the data on the X report be eligible for other values than when he looks at the data on Z report.
The SAP BW authorization concept is the consideration of the report for the determination of the authorization-relevant data are available. For this reason, the name of the report is not handed over to the Cuxtomer exit interface. That is, the parameter is the report name usually provides the customer exit for exit variables in the processing of exit variables in the context of initial authorization.
In the following I want to show the behavior of an example. Furthermore, I would like to show an alternative way how to determine the name of the current report. The feature 0COUNTRY is filtered through an exit variable within the authorization check.
Figure 1.1 shows the definition of authorization ZTKE_AUTH01. To determine the appropriate values the exit variable ZTKE_COUNTRY is used.
Figure 1.1: Definition of authorization
Figure 1.2 shows the use of the authorization in the role.
Figure 1.2: Definition of the role
In my example, I put the implementation not in the customer exit EXIT_SAPLRRS0_001 (Extension - RSR00001 BI: Enhancements for Global Variables in Reporting) to, but here I use the SAP BW 7.30 newly introduced BAdI RSROA_VARIABLES_EXIT_BADI.
For the new implementation of the BAdI RSROA_VARIABLES_EXIT_BADI I define as a filter IODBJNM = 0COUNTRY. The filter combination IOBJNM = '' we do not need here because of us I_STEP 3 = not interested. Only in I_STEP = 3, the parameter IOBJNM is not maintained. Exit variables that will come as part of the authorization to use = 0 processed in I_STEP and the parameter IOBJNM is maintained. Figure 1.3 shows the upper part of the filter combination used.
Figure 1.3: BAdI implementation
The lower panel in Figure 1.3 shows how the name of the report can be found. When processing in I_STEP 1, 2 and 3, the name of the report is on the COMPID field of the structure I_S_RKB1D. But in I_STEP = 0 the field is empty. With the help of the instruction:
IMPORT compid = l_compid FROM MEMORY ID 'COMPID'.
may the name of the report but are determined at runtime.