on 03-12-2014 10:09 AM
Hi colleagues,
I have written a couple of extractor classes for TM and TREX and they work fine.
But I have now a requirement to switch off access for some users to some fields in the employee search.
More exactly: people in a certain department should not get any results when searching for people with a certain field value.
Any suggestions? I'm not sure I can remove access to those fields by retrieving blanks for those persons for specific searching users.
A little example:
normal case:
Searcher wants to find employee1, employee2 by searching for customfieldvalue1 for customfield1.
my case:
Searcher will not get employee3 by searching for customfieldvalue1 for customfield1 even though employee3 would fit the bill, because we want to prevent Searcher from inferring the value of customfield1 for employee3 (customfield1 has to do with pay), since employee3 is in the same department as Searcher.
So in the end i'm filtering the results' list. It's not a big performance hit for the customer.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ioan,
your requirements are very special....
During responsetime (that means when executing the search) you have no chance to adjust the results.
So there are two possibilities to influence the search results:
1) by area of responsibility
2) by structural authorization
1) seems not to be the reight choice..
2) what Luke already mentioned: change strctural authorization or change the indexing process for structural authorization:
You can use the BadI BADI_ESH_IF_OBJECT_DATA_ENH to influence the extracted results per user( searching user) before moving them to TREX. This BadI is called during indexing dirctly after Standard BadI BADI_ESH_IF_OBJECT_DATA ( for HRTMC_AUTHORITY_VIEW ) and before the extracted data is serialized and moved to TREX. This BadI contains to methods
IF_BADI_ESH_IF_OBJECT_DATA~GET_DATA and
IF_BADI_ESH_IF_OBJECT_DATA~NEXT
both have to be implemented (one for initial indexing and one for delta indexing) . Have a look at implementation of these methods of class CL_HRTMC_SEARCH_EXTR_AUTH ( class for indexing stru authorizations) . You can loop over objects and remove entries for special user and CP. This CP will later during search not be displayed for a special user..
Hope that helps.
br
Martin Hastik
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ioan,
I believe that you would have to code your authorization extractor class to perform this authorization check.
Former Member can probably help more.
Best regards,
Luke
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
99 | |
11 | |
11 | |
6 | |
6 | |
4 | |
4 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.