博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
权限变量 --转载
阅读量:5959 次
发布时间:2019-06-19

本文共 6930 字,大约阅读时间需要 23 分钟。

其实权限变量不是变量的一种,大家的俗称而已,它是可以作用于characteristic value variables and hierarchy node variables的一种Processing by的选择。

   

首先看官方文档:

   

Authorization 

Use

The processing type Authorization enables variables to be filled with values automatically from the user authorization.

Integration

The processing type Authorization can be used with characteristic value variables and hierarchy node variables.

Prerequisites

You have maintained the

in transaction RSMM.

Features

When you create a variable, if you choose Process with Authorization, the variable is automatically filled with the values of the user's authorization. When the user opens a query, the data is selected automatically according to his or her authorizations.

Note that when they are automatically filled, variables do not have to be ready-for-input, which means a variables screen does not necessarily appear when you open the query or Web application. The user opens the query with the authorization variable, and can see only the data that corresponds to his or her authorizations.

Activities

In the variable wizard in the General Information dialog step, choose the processing type Authorization.

   

Pasted from <>

   

   

然后看Authorizations with variables

   

   

Authorizations with Variables 

Definition

Instead of using a single value or interval, you can also use variables in authorizations. The is called up for these variables while the authorization check is running. The call is carried out with I_STEP = 0. The intervals of characteristic values or hierarchies for which the user is authorized can be returned here. By doing this, the maintenance load for authorizations and profiles can be reduced significantly.

Every cost center manager should only be allowed to evaluate data for his/her cost center. Within the SAP authorization standard, a role or a profile with the authorization for the InfoObject 0COSTCENTER equal to 'XXXX' (XXXX stands for the particular cost center) would have to be made for every cost center manager X. This then has to be entered in the user master record for the cost center manager.

Using variables reduces the authorization maintenance workload with the InfoObject 0COSTCENTER equal to '$VARCOST', as well as with the role or the profile, which is maintained for all cost center managers. The value of the variable 'VARCOST' is then set for runtime during the authorization check by the CUSTOMER-EXIT 'RSR00001'.

Maintaining the authorizations restricts the entries for the values to the length of the existing InfoObject. It is possible, however, to use both limits of the interval. In the example 0COSTCENTER with 4 spaces, the variable 'VARCOST' is, therefore, entered as '$VAR' – 'COST'.

There is a buffer for these variables. If this buffer is switched on, the customer exit is only called up once for a variable with the authorization check. In doing so, you avoid calling up the customer exit for variables over and over, as well as decreasing performance. If you want to call up the customer exit each time, you have to deactivate this buffer in the . To do this, go to the main menu and choose Extras Compatibility Buffer for Variables (Customer-Exit) Deactivate..

You can also call up the customer exit for authorizations for hierarchies. There are two ways to do this:

...

      1.      Enter the variable in the authorization for characteristic 0TCTAUTHH. The customer exit is then called up while the authorization check is running. In the LOW fields of the return table E_T_RANGE, the system anticipates the technical name for the hierarchy authorization that you specified in the authorization maintenance (transaction RSSM).

As a result, all parameters are available for such an authorization. Nevertheless, you must also create a new definition for each node.

      2.      Where many authorizations differ from an authorization for a hierarchy only in respect to the nodes and not to the other authorizations, we suggest the following solution: Different users can be authorized for a specific hierarchy area (subtree). The highest node is different for each user.

Do this by creating an authorization for a hierarchy in the transaction RSSM and enter this in the authorization or role. Instead of specifying a particular node, you specify the variable in the authorization maintenance (transaction RSSM). The customer exit is then called up for the node while the authorization check is running. The return table E_T_RANGE must be filled according to the customer exit documentation (nodes in the LOW field, InfoObject of the node in the HIGH field).

   

Pasted from <>

   

   

   

最后看几种处理Authorization的方式:

   

   

Authorization Using Variables 

When starting a query, data selection can automatically follow user authorization. You need to use variables here. Since the variables are filled automatically, these must not be entry-ready. As a result, they do not appear in the variable screen. It is thus possible to start a query and to adjust authorizations, without the user having to do anything.

  1. Filling the Variables Automatically:
    In variable maintenance, choose Processing from Authorization. Here, the variable is automatically filled with the values in the user authorizations. This applies not only to selection variables (characteristic values) but also to node variables.
    Do not use single value- or interval variables, because these can only contain exactly one value or interval respectively.
    You can find additional information under .
  2. Filling the variables in the customer exit.
    You can process all variable types (characteristic value variables, hierarchy node variables, formula- and text variables) using the processing type Customer Exit. Do this by choosing SAP enhancement RSR00001. This is the usual method in BW reporting. Also refer to .
    If you need the authorized values or hierarchy nodes, use the following function modules:
    RSSB_GET_AUTH_FOR_USER returns the permitted single values and intervals.
    RSSB_GET_AUTH_HIER_FOR_USER returns the node at the top of the permitted hierarchy section, as well as all permitted sub-areas. You should only use this module in special cases. This is because it uses the internal display of the hierarchy and nodes.
    You can find additional information under .
  3. Filling Variables with 'SAP Exit' or 'Replacement Path' Types:
    You can use the characteristic 0TCTUSERNM with the variable 0TCTUSEE, which are always filled with an SAP exit with the user name (sy-uname). The user name is set (no entry field) and is rechecked in the authorization check. You only need one authorization with the variables for all users (lower maintenance load). The user also safeguards data when the query is changed.
    You can find additional information under
  4. Filling Variables Using a Query:

    The variable can also be filled using the result from another query.

    Use here the functions of the

    . Also refer to .

   

Pasted from <>

   

   

   

总的来说,如果要使用它,首先要维护权限,TCODERSECADMIN

然后呢,给某个IO设置权限相关,然后RSECADMIN里维护权限,把IO添加进去,设置下值范围,再把权限分配给用户,这样,用户登录以后就受到权限的约束了。

转载地址:http://ytuax.baihongyu.com/

你可能感兴趣的文章
各型号英特尔CUP的功率
查看>>
scanf()中的%c 不能正常输入的问题
查看>>
encodeURIcomponent编码和ASP.NET之间编码转换
查看>>
实验三 区域四连通填充算法
查看>>
关闭selinux服务
查看>>
centos中安装、升级git
查看>>
单元测试基本路径覆盖法(转)
查看>>
十三、栅栏CyclicBarrier
查看>>
简单搭配(Collocation)隐私声明
查看>>
2013编程之美资格赛【传话游戏】
查看>>
关于Dictionary的线程安全问题
查看>>
在python中单线程,多线程,多进程对CPU的利用率实测以及GIL原理分析
查看>>
CentOS6.5+mysql5.1源码安装过程
查看>>
Js 笔记
查看>>
C++: find()函数的注意事项
查看>>
js的事件学习笔记
查看>>
leetcode 【 Add Two Numbers 】 python 实现
查看>>
Android接收系统广播
查看>>
将网络中的图片存为NSData并保存到sqlite的BLOB字段中
查看>>
Cocos2d-js-v3.2 在 mac 上配置环境以及编译到 Andorid 的注意事项(转)
查看>>