Announcement:
wanna exchange links? contact me at sapchatroom@gmail.com.
Posted by
Admin at
Reply from SAPAUSSEC on Mar 1 at 7:48 AM QM transactions can be challenging as many are controlled by a function
coe field and this is how to restrict to display
Your authorization concept does not sound robust and at some stage you
will need to rebuild security
| | | ---------------Original Message---------------
From: EJ1
Sent: Monday, February 29, 2016 2:14 PM
Subject: Transaction Code - create, change, or display
Thanks for all the responses. I am familiar with the naming conventions mentioned and how to restrict a transaction by activity type 01, 02, 03 via authorizations.
Our security model is such that we have parent and child roles and in the case of display transactions, we put them in a global group (no org values) we have no restrictions on viewing data. Modify or create transactions are placed into a child role by location and are given appropriate org values so the user can only change relevant data for their location.
I was given a list of new transactions which we don't have existing roles setup (mainly in the QM space) for a new location we are bringing onto SAP. Since I'm not a functional person, I'm having fun trying to figure out which ones can go in a global (display) role and which ones require more thought. New roles created, org values, etc. |
| Reply to this email to post your response. __.____._ |    _.____.__ |
