cancel
Showing results for 
Search instead for 
Did you mean: 

Analysis authorizations and planning functions

Former Member
0 Kudos

Dear experts!

I want that my users can not display certain data (e.g. a version) in a query, but they should be able to read this data in a planning function (e.g. formula, which reads this version to copy it to another version).

Is there a way to tailor the authorizations to reach the above described scenario?

By the way there seems to be no way to trace analysis authorizations used in planning functions.

Any help would be appreciated.

Cheers Michael

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hi.

As I understand you want user not be able to update data for particular IO MD values (defined as auth relevant) in input ready query, but on other hand this user be able to execute planning sequence in this unauthorized data ?

I affraid it is impossible, but you can try the next workaround:

Define process chain that runs this planning sequence and set in process chain user for execution with full authorizations.

Then user with restricted authorizations able to update only authorized data, but on pressing on any button ()let's say "Copy to another version") this user can run process chain, and this process chain has full authorization.

It is possible only if you are in BI7 (let's say in WAD7 there is command EXECUTE_PROCESS_CHAIN).

I don't think it is a good idea because executing planning sequences in PC may cause to locking problems and there is no possibility to define data binding for PC.

Regards.

Answers (4)

Answers (4)

Former Member
0 Kudos

Dear Bindu,

I understand your workaround. Unfortunately the effort to implement this would be too high, as we have already authorizations in place.

I've solved my issue using a workaround in my fox formula. Therefore I will close this thread.

Just to summarize:

.) analysis authorizations are not able to differentiate between queries and plannin functions

.) there is no way to trace analysis authorizations for planning functions

Thank you for your replies.

Best regards

Michael

Former Member
0 Kudos

A way to look at this requirement not in Authorization perspective.. Users shouldn't see certain versions in query but they should be authroized to deal with those versions data using planning functions.. What we do in this case is dont send these versions to query but send to planning functions.. 1. Maintain a Z-table with user id, list of versions either not authorized or authorized to depending on which option is easy to maintain.. 2. Use exit variable, which reads user id from current user login, gets corresponding version maintained in Z-table 3. Restrict version with this variable in the query (either include this variable or exclude based on the values maintained in Z-table), so that query can't display these versions data (this restriction is only for query not for planning function) 4. As this has nothing to do with authorizations, users will have access to those versions also in planning functions.

Former Member
0 Kudos

Hi.

No. But the problem lies in the analysis authorizations. Our planning function (formula) reads the not authorized data as reference data. The user never views this data.

ST01 doesn't work for analysis authorizations as far as I know.

I can't understand that SAP included no means to trace analysis authorizations for planning functions.

Regards Michael

Former Member
0 Kudos

Hi Andrey!

The problem is, I have to use a planning function and not a sequence, as I want to use data provider filter in BEx. As far as I know there is no chance to execute a planning function using a special user (as it would be possible with process chains).

If you know such a possibility, please tell me.

Is there a possibility to trace authorizations (analysis) for planning functions? In RSECADMIN there seems to be no feature to do this.

Cheers Michael

Former Member
0 Kudos

Hi.

Indeed, using plannig functions instead of sequences is impossible with concept I have suggested.

Have you tried to trace authorizations by ST01 ?

Regards.