cancel
Showing results for 
Search instead for 
Did you mean: 

BW Query Variant Security

Former Member
0 Kudos

Hello,

Is it possible to provide any security with authorization objects relating to BW query variants?

I would like to prevent end users from modifying or deleting standard query variants whose technical name starts with Z_

The way to secure query variants doesn't seem obvious with regards to the implementation.

Thanks,

Nick

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
0 Kudos

As per OSS:

Here is the information of the S_RS_PARAM usage from our developer:

S_RS_PARAM is applicable only for 7.x Java Run-Time and 7.x Analyzer.

and it's not applicable for ABAP Run-Time and 3.x.

Which means the beahvior you described is normal behavior as design.

If you want to use the variant control, you could use 7.x Analyzer or

web query.

Thanks!

Nick

Former Member
0 Kudos

Hi,

Yes you have the authorization "S_RS_PARAM" to configure the "Business Explorer - Variants in Variable Screen"

you can create two variants, one to only view the Z*, and other to change or create other variants with diferent naming convection.

Regards,

Dani

Former Member
0 Kudos

Hello Dani,

Thanks for the response. The solution you provided does not seem to work for me though. Does it require an entry anywhere else (Such as RSZCONTROLTEXTS table) in order for it to work?

I have S_RS_PARAM configured as follows

T-BD29013800

Activity: 01, 02, 03, 06

Technical Name of Variant: Y*

T-BD29013801

Activity: 03

Technical Name of Variant: A-X, Z*

This doesn't seem to control the variants though, my users still have full control of any BW Query variant related task.

Any other suggestions to get this working.

Also we are using the old authorization concept on BW 7.0, we have not migrated to the Analysis authorization concept yet.

Thanks,

Nick

Edited by: Nick Bertz on May 11, 2010 11:24 AM

Former Member
0 Kudos

Hi Nick,

It's strange i remeber that it's work, but now i'm not sure ....

The users don't have SAP_ALL, SAP NEW athorizations no?

Try to find the authorization object S_RS_PARAM in other roles or profiles .... with the transaction SUIM.

In one project i have similar problem with other authorization object and at the end this object was in other profile ..

Regards,

Dani

Former Member
0 Kudos

Hello Dani,

Actually I am creating a brand new user from scratch in my development system. S_RS_PARAM is only in the test role that I have created for this user.

So I know that there is not an erroneous authorization that is permitting the activity to continue.

I don't know if there is anything unique in a BW DEV environment that might be counteracting my security attempts, however, thus far all other security aspects are working normally.

One thing that I have found is that S_RS_PARAM seems to work as designed when i use Analyzer 7, but the problem i am describing above seems to be specific to Analyzer 3572.0.78 (3.5 Version)

Thanks for following up, I am still open to advice/suggestions.

Thanks!

Nick

Edited by: Nick Bertz on May 11, 2010 12:29 PM