cancel
Showing results for 
Search instead for 
Did you mean: 

authorisation object for property tree in CG02

Former Member
0 Kudos

Dear All,

in CG02 we need to restrict the authorisation to display property trees, so that user can only see certain property tree. Which authorisation object can I use?

I have one solution, which is not optimal: go to IMG -> Environment, Health and Safety -> Basic Data and Tools -> Specification Management -> Specification Database Structure -> Settings for Value Assignment -> set up property trees,

and copy the value assignment types which belong to the property tree we need into the authorisation object C_SHES_TVH.

But is there any authorisation object with which we don't need to put in all value assignment types but only the property tree directly?

Thank you very much in advance.

Regards

Christina

Edited by: Christina H. on Nov 16, 2010 10:28 AM

Accepted Solutions (1)

Accepted Solutions (1)

christoph_bergemann
Active Contributor
0 Kudos

Hello Christina

I am sorry to say: to my knowledge no such authorization object is available. But I am not quite sure regarding your demand and what you belive to "get":

1.) a property tree (together with the nodes) is only a "useful "tool" to show you there is data maintained; you can not "hide" property trees for a user (it is to my knowledge always possibkle for the user to display any property tree which is related to spec cat (REAL_SUB) and to switch between them but:

2.) if data is maintained in one property and if you have enough access rights (C_SHES_TCVH is here the correct object) you will see the green flag indicatin that some data has been maintained; if you have not the correct access right no "green" flag is displayed

3.) Now within one property you have a number of chances to reduces data records (so that they are displayd or maintained) by assigning further access rights (different access object !) Here the "natural" EH&S technique is to usage the "Usage" (combination of rating with validity area). Example:;

a.) The access concept begins in some sense from "top down". First you auhtorize the user if or if not the substance itself can be "displayed" (search for etc.) by using the substance authorization group. Now you have options to "hide" (etc.) identifiers (using other auhroization objects)

b.) now you can grant access rights to a property (display of data records maintainjd in the property)

c.) and on the next level you cna grant that the user can display any data record independent of usage or by specificng usages

The access concept in EH&S is "quite" complex in some sense and since EH&S 2.7 more objects are available (Status; Inheritance; restriction etc. etc.)

I hope that this helps

With best regards

C.B.

PS: I does not make sense to my to prepare a second "density" in the system. The access rights are (can be) prepared by value assignment type. In principle you could use the SAP original one of density and prepare a further customer specific value assignment (having a different mnemonic) and then you could differentiate regarding access righs => but this is really not the option which I would use in EH&S

PPS: I have done a further inquiry in the web and I have found this http link:

http://www.se80.co.uk/sapreports/c/cbui/cbui11.htm

and

http://saphelp.hcc.uni-magdeburg.de/ecc_500/helpdata/DE/e5/2c0b42ed755f24e10000000a1550b0/Chap_25_EH... (page 6).

So I believe the available authorization objects in EH&S starts with technical key: C_SHES*

Furtheremore:

http://help.sap.com/saphelp_45b/helpdata/en/41/194b6e5733d1118b3f0060b03ca329/frameset.htm (quite old !!)

Edited by: Christoph Bergemann on Nov 18, 2010 9:06 PM

Edited by: Christoph Bergemann on Nov 18, 2010 9:08 PM

Edited by: Christoph Bergemann on Nov 20, 2010 7:46 PM

Edited by: Christoph Bergemann on Nov 20, 2010 7:53 PM

Answers (0)