on 05-30-2014 4:31 PM
Hi Experts,
I would like to know the solution for one scenario, as
I have below numbered User status
10 CRTD
20 ISSUED
30 CLOSE
40 CNCL
and want to control based on authorization, as Person A got authorization to set status from 10 >> 20 >> 30 , but he cant revert back like 30>> 20 >> 10
To reverse back status , he has to contact his manger ( Person B ), who can only set status in reverse way,
I tried controlling this via Authorization key but no luck.
Please let me know how i can achieve this, or let me know if more information required.
Thanks,
Riyaj
Its not possible to have different authorizations such as Forward Authorization & Backward Authorization control.
As mentioned earlier, you need to think of development to achieve this.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Your requirement without development is not at all possible.
As we have only one Authorization key at user status level, the same user will be allowed to go forward as well as go backward in selecting the specific status.
If system would have had 2 columns as one for forward & another for reverse, then this is very much possible with standard.
Some Weird way of configuration to achieve this requirement.....
Hope, this is the only way, you can achieve this Forward & Backward status movements.
Riyaj,
Authorisation object B_USERSTAT is checked ONLY for the new status, the system does not perform an authority check on the previous status (see include program LBSVAF0G via SE38).
And there does not appear to be any suitable user-exits/BADIs you can use whilst is the status screens. You could investigate the Enhancement Framework options - talk to your ABAP team.
Otherwise you will need to do a check when saving for example, via user-exit IWO10009 or BADI WORKORDER_UPDATE.
PeteA
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Riyaj,
Take a help of your ABAP'er. The procedure may be like this.
1)Create a Z-table where you can maintain USER ID AND ORDER for ex:
USER ID ORDER
-------------- --------------------
USER-A INCREASING
USER-B DECREASING.
When USER-A logs into system and try to change the order, select the ORDER for USER-A(as it is only INCREASING), Check the current order and capture the new order which he has entered.
IF NEW_ORDER > EXISTING ORDER.
show error message.
ELSE.
continue with your requirement to proceed further.
ENDIF.
Hope this will resolve your issue.
Thanks
KH
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Greetings Riyaj,
I'm assuming you know how to set up the roles with auth keys, but feel free to ask the additional questions.
The authorization to a (numbered) User Status with an authorization key is checked only when this status is being set, but not when it is being removed. You might have some luck with your requirement if you add the auth key "MANAGER" to status 10 CRTD (initial status) and the auth key "EMPLOYEE", but that would work with two numbered stati at most. (the trick is that only the manager can "set" the lower status; I'm not sure if it will not be a problem on Order creation though)
I have seen a similar requirement achieved through BADI, check out below with the help of your ABAPer:
BADI WORKORDER_UPDATE Method AT_SAVE, Info. Structure IS_HEADER_DIALOG
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Try to create a role based on auth key. Lets say you create auth key 0000001 and assign this to a role for person B, the role the SAP Security team will assign this to a profile ex. PM000003
This should be role mapped to person B in order to make changes. You would need to explain to them the scenario for this role.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
91 | |
8 | |
7 | |
4 | |
4 | |
3 | |
3 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.