https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499370#M1258035 <HTML><HEAD></HEAD><BODY><P>&gt; </P><PRE><CODE><P></P><P>&gt; Hi Ander,</P><P>&gt; </P><P>&gt; User parameters cannot be used for restricting or providing the access. They can be used for setting default values for the users.</P><P>&gt; </P><P>&gt; Regards,</P></CODE></PRE><P></P><P>Hi Lakshmi</P><P></P><P>There are plenty of parameters which are related to access, personally I do not like them.</P><P></P><P>EFB is a very common one for controlling ability to create PO's</P></BODY></HTML> Thu, 30 Apr 2009 08:08:50 GMT Former Member 2009-04-30T08:08:50Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499366#M1258031 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P> I have an implementation with 30 work centers and I want to avoid define 30 roles all with the same operations but diferent organizational levels values in WERKS.</P><P></P><P> I would like to create only one profile that takes the organizational level from a variable or a user parameter.</P><P></P><P> Is that possible?How can i do that?</P></BODY></HTML> Thu, 30 Apr 2009 07:06:32 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499366#M1258031 Former Member 2009-04-30T07:06:32Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499367#M1258032 <HTML><HEAD></HEAD><BODY><P>Hi Ander,</P><P></P><P>User parameters cannot be used for restricting or providing the access. They can be used for setting default values for the users.</P><P></P><P>Regards,</P></BODY></HTML> Thu, 30 Apr 2009 07:32:16 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499367#M1258032 Former Member 2009-04-30T07:32:16Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499368#M1258033 <HTML><HEAD></HEAD><BODY><P>&gt; I want to avoid define 30 roles all with the same operations but diferent organizational levels values in WERKS.</P><P></P><P>Why do you want to avoid this? Looks like a fine opportunity for derived roles to me.</P></BODY></HTML> Thu, 30 Apr 2009 07:38:53 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499368#M1258033 jurjen_heeck 2009-04-30T07:38:53Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499369#M1258034 <HTML><HEAD></HEAD><BODY><P>I agree with Jurjen, whichever way you look at it you will either have </P><P>1. lots of development work</P><P>2. 30+ roles to build</P></BODY></HTML> Thu, 30 Apr 2009 08:07:45 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499369#M1258034 Former Member 2009-04-30T08:07:45Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499370#M1258035 <HTML><HEAD></HEAD><BODY><P>&gt; </P><PRE><CODE><P></P><P>&gt; Hi Ander,</P><P>&gt; </P><P>&gt; User parameters cannot be used for restricting or providing the access. They can be used for setting default values for the users.</P><P>&gt; </P><P>&gt; Regards,</P></CODE></PRE><P></P><P>Hi Lakshmi</P><P></P><P>There are plenty of parameters which are related to access, personally I do not like them.</P><P></P><P>EFB is a very common one for controlling ability to create PO's</P></BODY></HTML> Thu, 30 Apr 2009 08:08:50 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499370#M1258035 Former Member 2009-04-30T08:08:50Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499371#M1258036 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P> I agree in derived roles as a good solution but if is possible to use variables the number of roles in our system will be much lower and can be quite useful in other areas.</P></BODY></HTML> Thu, 30 Apr 2009 08:16:55 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499371#M1258036 Former Member 2009-04-30T08:16:55Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499372#M1258037 <HTML><HEAD></HEAD><BODY><P>Ander,</P><P>You can create a variant of the transaction, hidding the work centers field or setting it as display only and then setting the corresponding parameter (you can get the parameter name pressing F1).</P><P>But I agree with all the other guys. It will be a pain to mantain:</P><P>- Evertytime you set a user you will need to set the parameter.</P><P>- Everytime you add a transaction to the user you will need to create a variant. </P><P>- You will need to test if the user is not able to access the data in any way. As the user is not restricted in an authorization level, it will be harder to keep a good security. </P><P></P><P>Regardes, Jose.</P></BODY></HTML> Mon, 04 May 2009 15:21:52 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499372#M1258037 jabella 2009-05-04T15:21:52Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499373#M1258038 <HTML><HEAD></HEAD><BODY><P>Hi Ander,</P><P></P><P>Your purpose can be served by creating a single role and assigning a custom Analysis authorization object to it.</P><P></P><P>Regards,</P><P>Jaya</P></BODY></HTML> Fri, 19 Jun 2009 07:37:13 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499373#M1258038 Former Member 2009-06-19T07:37:13Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499374#M1258039 <HTML><HEAD></HEAD><BODY><P>Hi Jaya,</P><P></P><P>That approach relies on the user being in BW/BI and having the variable coded to pass in that info.</P></BODY></HTML> Fri, 19 Jun 2009 09:48:11 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499374#M1258039 Former Member 2009-06-19T09:48:11Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499375#M1258040 <HTML><HEAD></HEAD><BODY><P>Yes Alex. I m referring to that approach only.</P><P></P><P>First we have to maintain user specific data in a table.The variable will be processed by customer exit and we have to write a code such that it fetches the data from that table.</P><P></P><P>Hope this approach would suffice.</P><P></P><P>Regards,</P><P>Jaya</P></BODY></HTML> Fri, 19 Jun 2009 09:55:02 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499375#M1258040 Former Member 2009-06-19T09:55:02Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499376#M1258041 <HTML><HEAD></HEAD><BODY><P>Alex,here we want only the approach with variants??</P></BODY></HTML> Fri, 19 Jun 2009 10:02:16 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499376#M1258041 Former Member 2009-06-19T10:02:16Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499377#M1258042 <HTML><HEAD></HEAD><BODY><P>Hi Jaya,</P><P></P><P>I have a feeling that the original request was for an R/3 system, hence my response. If it is BW/BI then I agree with you about using the variable to populate the data. </P><P></P><P>Cheers</P><P></P><P>Alex</P></BODY></HTML> Fri, 19 Jun 2009 10:34:33 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499377#M1258042 Former Member 2009-06-19T10:34:33Z https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499378#M1258043 <HTML><HEAD></HEAD><BODY><P>Judging by the OP's other questions this is possibly an APO (Advanced Planner &amp; Optimizer) system and the restriction is needed for the MRP run (Materials Requirement Planning)?</P><P></P><P>If that is the case, then the information should have been included - otherwise it is no wonder that we end up in a BI system, which could also include BusinessObjects... <SPAN __jive_emoticon_name="wink"></SPAN></P><P></P><P>Cheers,</P><P>Julius</P></BODY></HTML> Sat, 20 Jun 2009 07:29:42 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorizations-using-variants/m-p/5499378#M1258043 Former Member 2009-06-20T07:29:42Z