BW:Business Information Warehouse(Authorization Object: RS)

項目上要限制生產機修改報告，活頁簿和進程鏈的操作，所以呢，簡單說說相應的Authorization Objects

   

   

   

上面是SAP提供的Reporting Basic許可權

   

首先，S_RFC和S_TCODE是Analyzer所必須的

然後，R_RS_COMP這個看到的都懂，就是可以限制Query的種種

R_RS_COMP1這個其實就是多了一層，可以限制Query的Owner，也就是建立人

   

PS：我測試了下，COMP比COMP1優先順序高，也就是說，如果COMP1給了全部許可權，而COMP只給了查看，那就以COMP為準

   

   

   

活頁簿呢，就與眾不同了些

   

首先，限制使用者不可更改，要用到：

S_USER_AGR with ACTVT 03; ACT_GROUP

當然，S_GUI，S_RFC也不可少，

For saving workbooks in Favorites you need:

S_GUI

S_BDS_DS

   

For saving workbooks in Roles you need:

S_USER_AGR

S_USER_TCD

   

參照下面一段兒：

Dear Praveen,     Our collage vishnuC is on right, the authorization object that you need to include in your reporting role is     Saving workbooks in Favorites S_GUI: Authorization for GUI activities S_BDS_DS: Authorization for document set.     The values that I suggest to use in each authorization object are following S_GUI in the field activity put 60. For S_BDS_DS: in the field activity, please put 03 and 30 and class type put OT.     Saving workbooks in Roles: S_USER_AGR= authorization for role check S_USER_TCD=transaction in roles     The values that I suggest to use in each authorization object are following S_USER_AGR in activity field put 01, 02 y 22. for delete Woorkbook put also 06 value. In field role name put "*". Other hand in S_USER_TCD put in Tcode "RRMX"     I hope this can help you! Luis     來源文件 <https://forums.sdn.sap.com/thread.jspa?threadID=884471>

   

   

   

多說一句，那麼Process Chain的呢