cancel
Showing results for 
Search instead for 
Did you mean: 

APM/APMe Security groups details

Display_Name
Explorer

Hello,

To monitor changes related to the roles and permissions of users. My goal is creating a security report that sums up the users/security groups and the detailed hierarchy of access permissions for Portals, Menus, Forms, Fields, Functions, Features , Widgets and Dashboards.

My objective is to obtain the required data by using a QB query that adheres to the data base entities. I'm having trouble comprehending the connections between these entities, particularly how they link together from Portals to Actions through menus and sub-menus and forms. Accurately mapping out which users and groups have access to specific elements within APM requires this understanding.

Here is what I have managed to decipher so far:

  • The entity UserSet includes users.
  • the entity SecGroup includes security groups.
  • the entity SecDet includes restricted security levels (UI elements):  Forms, Fields, Actions (Functions), Features, Widgets with its type of Access.
  • The entity MenuMetadata contains the list of Portals/menus/Menu tabs (without specifying the hierarchy)
  • The entity FormMetadata includes Forms and its relation ships with MenuMetadata entity.

Expected report format: Security Group | Portal | Menu | Sub Menu | Menu Tab | Form | Field | Function (Action) | Dashborad | Wdiget | Feature | Access ( Permission )

SAP's available web documentation (also APM Data Dictionary) primarily focuses on user-oriented information and configuration settings, and does not include details on the database schema.

Could you please provide guidance, detailed documentation, or example SQL queries that explain these relationships? Insights into the relevant database schema would be extremely helpful.

PS: the challanges also are:

  • To distinguish between components that are secured and those that are not (what is in Secdet versus what is not in Secdet)
  • Also what is in Secdet for specific security groups vs what is not in SecDet for specfic security groups
  • A form X can be accessible if you look at it on SecDet but at the sometime it can not be accessible because the form Z which precedes it is not accessible.

 

regards,

K.A

 

PhillipButts
Product and Topic Expert
Product and Topic Expert
Hi, K.A., Let me do some digging around and see what I can come up with to help you.
View Entire Topic
PhillipButts
Product and Topic Expert
Product and Topic Expert

We are still researching. It may take a while to get things in order.