S_TABU_DIS allows access to Tables of a particular Authorization Group
S_TABU_NAM provisions access to particular tables
But, what if you want to restrict access to particular rows within a table?
This is where Authorization Object S_TABU_LIN comes into picture. You must have already heard about. But implementing the Authorization check using S_TABU_LIN is a bit tricky.
Let's go through with the process of applying a check on S_TABU_LIN on particular rows within a Table:
The Authorization Object has 3 Fields: Activity, Organizational Criteria and Attribute
The first step in implementation of line authorization is defining an Organizational Criterion.
As an example, we will put a restriction on Table - T77DB - Shift Groups. So, only Roles with access specific Shift groups will be able to view/change the data for these shifts.
You can define then using Tcode - S_BCE_68001484 OR via SPRO
We create a new Criteria: SHIFTGROUP
S_TABU_NAM provisions access to particular tables
But, what if you want to restrict access to particular rows within a table?
This is where Authorization Object S_TABU_LIN comes into picture. You must have already heard about. But implementing the Authorization check using S_TABU_LIN is a bit tricky.
Let's go through with the process of applying a check on S_TABU_LIN on particular rows within a Table:
The Authorization Object has 3 Fields: Activity, Organizational Criteria and Attribute
The first step in implementation of line authorization is defining an Organizational Criterion.
As an example, we will put a restriction on Table - T77DB - Shift Groups. So, only Roles with access specific Shift groups will be able to view/change the data for these shifts.
You can define then using Tcode - S_BCE_68001484 OR via SPRO
We create a new Criteria: SHIFTGROUP
Now we create the Attribute. We will call the Attribute as SHIFTGROUP as well:
Next step is to link it to the table T77DB and the Field - DIENSTGR (Shift group)
Now we go to Role and add the values to the the Object S_TABU_LIN
Now, this Role will hav eChange access to Shifts of ERP-TMC only.
No comments:
Post a Comment