Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
Showing results for 
Search instead for 
Did you mean: 
This is Part 1 of Discussion and Comment privileges, which can be controlled via Roles.

If you have ever wanted to disable Discussion and/or Commenting at organization or role/group level, then this is the right blog. For some organizations the content in Discussion and Comment is also secure and confidential data.


Use case

As of today, there is no way an Admin can control comment and discussion privilege at the tenant level. Every user has all the comment and discussion rights.

As part of this feature we will provide an option for Admin to manage comment & discussion privilege at tenant level.

By default the behavior would be enabled in the custom roles to avoid any regressions to existing behavior, but Admin will have an option to enable/disable.


Discussion workflow

  • Discussion was application-wide feature and accessible to all. There was no way to control its usage

  • Currently, there are no privileges to control discussion

  • Hence, we have introduced explicit "Discussion" privilege in Security > Roles, with 2 access (Read and Create). This will be configured by Tenant Admin - caters to Application level setting

  • Currently, user cannot delete invited/others discussions, hence no Delete access is provided

  • New privilege will be available in below screen

Read - allows to view all discussions and contribute to discussions;

Create - allows new discussions to be created


Comment workflow

  • Currently comment rights is linked to Story Share rights

  • Introduce explicit "Comment" privilege in Security > Roles, with 3 access (Read, Create and Delete). This will be configured by Tenant Admin - caters to Application level setting

  • New privilege will be available in below screen

Read - allows to view all comments (along with like and unlike);

Create - allows creation of new comments and respond to existing comment threads;

Delete - allows deletion of all comments




Roles impacted

All roles except Translator and DWC will have these new privileges to play around with.

Workflows impacted