cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization restriction is not working in MDG

Former Member

on ‎11-20-2015 6:00 PM

0 Kudos

Hi

We are using MDGM and we want to put restriction on Plant value restriction per role/

Example: We want one approver able to approve only for plants P1 and P2 and other only for P3 and P4/

As per SAP documentation MDGM uses PFCG roles from backend and use the authorization object with values M_MAT_WRK for restiction,but we need to check authorization relevant entity type check box.

So we already selected emtity type MARCBASIC with key field WERKS. We also maintained it in USMD_MDAT authorization object.

So for approval  role we maintain M_MAT_WRK as well as USMD_MDAT. We also selected MDG speific authorization check box as MATERIAL.

We observed that it is working for requestor role (As I thing it is still considering ECC roles) only but not with Approver role. And in backend for MM01 with approver user it is working also fine but not in MDG. Any reason for this

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

henk_verdaasdonk4
Active Participant
‎11-23-2015 10:27 AM
0 Kudos

Hi Sanjay,

Using USMD_DAT and the corresponding customizing has no effect on authorization checks. Text from the help: "For data model MM, the standard ERP authorization checks are performed; additional settings in this Customizing activity are not supported."

As why it is not working for the approver step. Did you mark the authorization check as relevant in the customizing step "Configure Properties of Change Request Step"?

In our system it is working.

Cheers,

Henk.

Show replies
Show replies
Former Member
‎11-24-2015 7:23 AM
0 Kudos

Hi Henk

Yes I arleady tried this.

As per SAP documentation MDGM uses PFCG roles from backend and use the authorization object with values M_MAT_WRK for restiction,but we need to check authorization relevant entity type check box.

So we already selected emtity type MARCBASIC with key field WERKS.

Do  you want to check another setting in customization?

henk_verdaasdonk4
Active Participant
‎11-24-2015 8:29 AM
0 Kudos

Hi Sanjay,

First time I thought you misspelled, but it is authorization object M_MATE_WRK!

Next step is maybe debug and see what is actually checked. I would start at class method CL_MDG_BS_MAT_API->CHECK_AUTHORITY. There is a call to FM MATERIAL_AUTHORITY_CHECK.

First check what happens for requestor role and then for the approval role.

Cheers,

Henk.

Ask a Question