(DV-2411) Appendix A - DVD Authorization Concept
Authorization checks are not part of the standard release transport of the product and are delivered in separate transport on request.
InfoProvider authorization check implementation
InfoProvider authorization check controls access to image data of the following test cases:
- ListCube Test Case
- SLO ListCube Test Case
- Drill Down Test Case
- DTP Test Case
FMs of the standard Listcube transaction are used for the InfoProvider authorization check. If the user does not have permission to see all data of InfoProvider (taking into account all analysis authorizations) (regardless of what does image contains) he will not be able to display the results of such InfoProvider image in SNP Validate.
Currently used authorization checks consist of calling these modules:
RSDRC_AUTHORITY_CHECK: For analysis authorizations.
RSSB_AUTHORITY_CHECK: For S_RS* like standard authorizations on BW reporting.
This implementation is more restrictive but is function-wise the same as the SAP authorization concept.
Additional information
- For RFC-based variants authorizations for InfoProvider are checked against the used RFC user.
- If by any chance authorization check will be not done completely (RFC not working, InfoProvider no longer exists) data will not be displayed.
- If there is a different after image variant used in the variant, an authorization check is done also for the values of that variant. If any of those two authorization checks fails no data are displayed.
Query authorization check implementation
Query authorization check controls access to image data of the following test case:
- Query Test Case
Additional information
- For RFC-based variants, authorizations for Query/InfoProvider are checked against the used RFC user.
- If by any chance authorization check will be not done completely (RFC not working, InfoProvider no longer exists) data will not be displayed.
- If there is a different after image variant used in the variant, an authorization check is done also for the values of that variant. If any of those two authorization checks fails no data are displayed.