Skip to Content

Hi to all…

I write this little blog post about how to define permissions for viewing documents of sale / purchase by users.

I use this blog post as a notepad (my memory is leaving 😉 ) and hoping that it will be useful to other users of the forum.

Well..

First of all my system configuration (test and production env):

sap b1 8.82 PL05

mssql 2005 no istance name

23 sap users

then, the prerequisites:

  • Each BP MUST have the sales agent defined and selected
  • Each SAP users MUST have:
    • an active user (obviously…)
    • a record in the master Human Resource
    • a sales agent set.

The goal:

set up the system so that the USER_A can only see the sale/purchase documents of customers/suppliers assigned to him. In other words:

  • BP_1 with sales agent USER_A
  • BP_2 with sales agent USER_B

USER_A can only see the sales/purchase document of the BP_1. If USER_A select  Eg a sales document (search by docnum..) of BP_2 => Error message.

My procedure, actually working in production env:

Ok.. . .

  1. I created for each sap user a sales agent
  2. Moreover, for each sap user , I created a record in the Human Resource Master Data.
  3. From Huma Resource Master Data, for each record of the sap user, we must set the User Code = Sap User Name and set the Sales Employee = Sales agent
    1. E.g. Mr. Franco Rossi have:
      1. SAP USER NAME => franco
      2. SAP SALES AGENT => franco rossi
      3. SAP HR record => rossi franco
    2. In Huma Resource Master Data, the record of rossi franco must have set the user code => franco and the sales employes => franco rossi.

Ok. Now a little explanation about the Data Authoriations Ownership and Data Ownership Exception.

Super User can see everthing (obviously..). The other user will see the docuemnts for wich they are Header Owner and / or rows owner, depending on settings in the Data Ownership Exception.

Well.. In data Ownership Exception => Objects Panel, for each document you must set the filter type:

  • No filtering => all users can see all documents
  • By Header and row owner => The document can be viewed only by the header owner and / or the row owner
  • By Header Only => The document can be viewed only by the header owner.

After that, If you enable the flag “ENABLE OWNERSHIP FILTRATION” in Data Ownership Exception, users will be able to see (for documents for which the rules have been set in the previous step) only the documents for which they are the owners.

A small clarification. if you need to have a user who can see other users’ documents, but can not be a super user (eg: the secretary who enter sales orders for the agent etc etc) , well you can reach the goal with the TEAM section in Human Resource Master Data. (HR Master data =>Membership Panel => on teh right.. team selection).

I do it in this way. For each Sales Agent, I created a “SALES_TEAM” with sales agent name and the sales agent is the Leader of that team.

For the… “Secretary… 😐 ” I created a “SALES_SECRETARY _TEAM” and the secretary is:

  • the leader for the SALES_SECRETARY_TEAM
  • She is a member of each SALES_TEAM for which she must be able to view documents
  • In the Data Ownership Authorisation, under the TEAM COLUMN, set FULL for the document you want to share

And that’s all…

If you need more explanation or help… You can post a comment here o write me a message..

Sorry for my english… it’s so bad….

have a nice day


To report this post you need to login first.

3 Comments

You must be Logged on to comment or reply to a post.

  1. Dhaval Bhatt

    Hello Friends,

    I have created a user manager under whom I have created two different sales users.

    How can I block the master data created by both the sales user by which they can not see the master data of each other.

    (0) 
    1. Gianluca Calloni Post author

      Hi Dhaval.

      Your situattion is:

      USER_A =>Manager

      USER_B => Sales Agent under USER_A

      USER_C => Sales Agent under USER_A

      Yor goal is that USER_A (manager) can see all documents of both USER_B and USER_C.

      USER_B and USER_C can see only documents on wich they are owner (in other words, USER_B can not see any documents owned by USER_C and viceveresa..)

      I understand right?

      (0) 
      1. Dhaval Bhatt

        Hi Gianluca,

            

        First of all thanks for complying.

        Yes you understand my problem correctly, however my requirement is not only to restrict USER_B to view or edit the documents created by USER_C but also to restrict the Customer Master data created by USER_C in SAP Business One.

        Thanks & Regards

        Dhaval

        (0) 

Leave a Reply