3 weeks ago
We have a new MDG implementation for supplier module and would like to restrict different groups of users with "Account Group" (In search) and also in "Manage Supplier" -> Select ‘New’ > "Organization" > "X– Create Supplier" to specific "Business Partner id/group".
Looking at the B_BUPA_GRP authorization object, it doesn't check for these BP BU groups. We did set some groups in "Maintain Authorization Groups " but are there any other steps to configure so the authorization checks are performed for B_BUPA_GRP.
If we would like to go with restriction for display/change/create based on "BU Groups", is it only done by custom development?
Is there any other suggestion to go with data visibility restriction of BP’s? And also to create change requests for specific groups?
Hi @studencp Agree, i would like to confirm if its some configuration enabling as the trace doesn't check for any authorization groups (see attached). I would prefer to check configuration before performing any custom coding.
SAP MDG security guide says "B_BUPA_GRP - This authorization object is optional. You need to assign this
authorization object only if master data records are to be specifically protected.".
Additionally, it says "If you want to restrict the authorizations for users or roles to specific values, go to Create Authorizations for Data Model and define which entity types and attributes are authorization
relevant." - Did anyone perform this?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi, regarding the last sentence the MDGIMG help says:
(this "comment" field is crappy)
Hi, regarding the last sentence the MDGIMG help says:
"For data model BP, the standard ERP authorization checks are performed; additional settings in this Customizing activity are not supported."
And the B_BUPA_GRP seems to work in this way:
if you assign something to BP_CENTRL-REF_CEN (BUT000-AUGRP) then MDG will check if current user has access to this group. if left empty - no such check
check where used CL_MDG_BS_BP_AUTHORITY_CHECK->CHECK_AUTHORITY_BP_GROUP
User | Count |
---|---|
105 | |
8 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.