https://community.sap.com/t5/application-development-and-automation-discussions/restricting-project-system-reports/m-p/7769016#M1584369 <HTML><HEAD></HEAD><BODY><P>Turns out another authorization object was letting the project be read. Used ST01 to diagnose this. It was very helpful.</P></BODY></HTML> Thu, 17 Mar 2011 00:51:14 GMT Former Member 2011-03-17T00:51:14Z https://community.sap.com/t5/application-development-and-automation-discussions/restricting-project-system-reports/m-p/7769013#M1584366 <HTML><HEAD></HEAD><BODY><P>Hi all,</P><P></P><P>I`ve been able to use authorization objects to restrict projects based on person responsible in CJ20N (C_PRPS_VNR and C_PROJ_VNR). I expected these same authorization objects to restrict the same access (allow users to view projects only if they have access to 'person responsible') for reports related to project systems. It is however not working.</P><P></P><P>Examples of the reports that I am using are:</P><P></P><P>S_ALR_87013555: Project Results</P><P>S_ALR_87013611: Cost Centers: Actual/Plan/Variance</P><P></P><P>What authorization objects would be used to restrict access to certain projects in <STRONG>reports</STRONG> based on person responsible?</P><P></P><P>Thanks,</P></BODY></HTML> Tue, 15 Mar 2011 20:58:45 GMT https://community.sap.com/t5/application-development-and-automation-discussions/restricting-project-system-reports/m-p/7769013#M1584366 Former Member 2011-03-15T20:58:45Z https://community.sap.com/t5/application-development-and-automation-discussions/restricting-project-system-reports/m-p/7769014#M1584367 <HTML><HEAD></HEAD><BODY><P>Those reports are using logical DB PSJ so those check should be there. If you run ST01 what do you get?</P><P></P><P>Cheers</P></BODY></HTML> Wed, 16 Mar 2011 00:38:32 GMT https://community.sap.com/t5/application-development-and-automation-discussions/restricting-project-system-reports/m-p/7769014#M1584367 mvoros 2011-03-16T00:38:32Z https://community.sap.com/t5/application-development-and-automation-discussions/restricting-project-system-reports/m-p/7769015#M1584368 <HTML><HEAD></HEAD><BODY><P>Hi Martin,</P><P></P><P>I ran ST01 and it looks like the authorization checks are taking place and done correctly.</P><P></P><P>For example, the authorization object C_PRPS_VNR is checking that PS_VERNR = 1 for that user, but this user is set for PS_VERNR = 3, thus it is returning RC=4, which is as expected. This means that it should reject the user from access to the project in this report (S_ALR_87013534). However the report is still showing up. What can be the problem?</P></BODY></HTML> Wed, 16 Mar 2011 17:38:59 GMT https://community.sap.com/t5/application-development-and-automation-discussions/restricting-project-system-reports/m-p/7769015#M1584368 Former Member 2011-03-16T17:38:59Z https://community.sap.com/t5/application-development-and-automation-discussions/restricting-project-system-reports/m-p/7769016#M1584369 <HTML><HEAD></HEAD><BODY><P>Turns out another authorization object was letting the project be read. Used ST01 to diagnose this. It was very helpful.</P></BODY></HTML> Thu, 17 Mar 2011 00:51:14 GMT https://community.sap.com/t5/application-development-and-automation-discussions/restricting-project-system-reports/m-p/7769016#M1584369 Former Member 2011-03-17T00:51:14Z