cancel
Showing results for 
Search instead for 
Did you mean: 

How to control the users' authorization?

former_member186887
Active Contributor
0 Kudos

Hi All,

Please help me for the below scenario in system.

A & B users have access to same business role (Ex: SERVICEPRO) in Web UI.  However, user A should be able to create and edit anything, but user B should have only display authorization (User B should not be able to create and edit anything in application). 

Could you please suggest me how/where to control the authorization for these users? 

Regards,

Maddy

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
0 Kudos

Hello Maddy,

Hello Maddy there is no specific authorization object for user. That can be done with PFCG menu. You need to play around with the PFCG Role “Menu”. The solution for your scenario is  as below:

When I say changes in the menu, I mean changes in the menu tab of the PFCG role assigned to the user. You have to delete the UIU component from the respective folder. In the present case I have taken Sales folder - transaction Opportunity. This holds good for any transaction (eg activities, lead, etc). The moment you delete the link (UIU_COMP link) and save the PFCG Role the authorization tab will become red. Reason being that specific authorization of create/display is deleted. You need to go to authorizations make all green and generate the profile.

You can also refer to the link below, which will be of help to you for better understanding.

Hope this answer was helpful

Thanks!

Neha

former_member196521
Active Participant
0 Kudos

Hi Maddy,

Business Roles are linked with PFCG Roles when it comes to authorization, In customization you assign the business roles to the PFCG Roles under the customization node Define Business Roles

In the screen shot attached below the business role is assigned to the PFCG Role

In su01 the business role is assigned to the user

In tcode pfcg when you click on authorization and change authorization data

You can control through basis objects which user needs to see which transaction for the specific business role

However a better solution would be to copy the service pro role into zservicepro and zservicepro1 and then create two different pfcg roles and assign the same to these roles as explained above.

Kind Regards

Atul

former_member186887
Active Contributor
0 Kudos

Dear Atul,

Thank you for your reply.

Could you please tell me the object id in which we can control the display authorization for user level?

Regards,

Maddy