Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

PS reports authorization check

Former Member
0 Kudos
588

Hi guys,

I am experiencing an unexpected behavior in PS module.

I have two different project areas using PS WBS.

I am running some test due to a lack of security. I can control all access on WBS using ACL configuration but ACL cannot control PS reports access. So a PS area can see the budget of another area and this is the main issue.

So I suppose I could control all reports with C_PRPS_VNR authorization object in order to allow access using diferent roles with C_PRPS_VNR value according WBS.

I run a test with S_ALR_87013558 report and in the authorization trace I found the following:

10:27:27:305 AUTH - - - C_PRPS_VNR RC=12 PS_VERNR=01010101;PS_ACTVT=03;

10:27:27:305 AUTH - - - C_PRPS_VNR RC=12 PS_VERNR=01010101;PS_ACTVT=24;

10:27:27:305 AUTH - - - C_PRPS_VNR RC=12 PS_VERNR=01010101;PS_ACTVT=26;

10:27:27:305 AUTH - - - C_PRPS_VNR RC=12 PS_VERNR=01010101;PS_ACTVT=28;

Even with the RC=12 I can see all data!

I found the same symptom in a lot of S_ALR_* reports.

My question is: why the RC=12 donu2019t deny my access?

Best Regards,

LMG

1 ACCEPTED SOLUTION

Former Member
109

Hi LMG,

1. I would suggest you to build a role with the reports you are trying to run with a test user and see if you get the same result.

2. I am guessing that you have another role which might be performing the same actions/activities or you have SAP ALL/SAP NEW

3. I found these definitions for you to understand what RC -12 could be.

4 User has no authorization in the SAP System for such an action. If necessary, change the user master record.

8 Too many parameters (fields, values). Maximum allowed is 10.

12 Specified object not maintained in the user master record.

16 No profile entered in the user master record.

24 The field names of the check call do not match those of an authorization. Either the authorization or the call is incorrect.

28 Incorrect structure for user master record.

32 Incorrect structure for user master record.

36 Incorrect structure for user master record.

3 REPLIES 3

Former Member
110

Hi LMG,

1. I would suggest you to build a role with the reports you are trying to run with a test user and see if you get the same result.

2. I am guessing that you have another role which might be performing the same actions/activities or you have SAP ALL/SAP NEW

3. I found these definitions for you to understand what RC -12 could be.

4 User has no authorization in the SAP System for such an action. If necessary, change the user master record.

8 Too many parameters (fields, values). Maximum allowed is 10.

12 Specified object not maintained in the user master record.

16 No profile entered in the user master record.

24 The field names of the check call do not match those of an authorization. Either the authorization or the call is incorrect.

28 Incorrect structure for user master record.

32 Incorrect structure for user master record.

36 Incorrect structure for user master record.

Former Member
0 Kudos
109

I found the answer for this question. When the user without all authorization objects runs the reports, the result shows only the WBS where user has authorization. All other cost data are hidden.

Best Regards,

Former Member
0 Kudos
109

Question solved.