Time based authorization control in Loyalty management
Recently in a customer project we got the requirement that customer needs the assignment block “Membership Activities” could only be visible for some user under a given period. The authorization for that user must be explicitly assigned by administrator with period clearly defined. For example, the user XXX could only be allowed to see that assignment block between 10:00AM ~ 10:30AM this Friday.
Since the SAP standard authorization concept could only support time based condition, we have to do some custom development:
1. We create a new UI component and put it to a new work center “Authorization Center”.
We put this new work center to business role LOY_ADMIN so that only Loyalty administrator could be able to assign / delete time based authorization.
Admin could choose the user via search help and click Assign button to grant authorization.
we use a custom table to store the authorization detail. This is OK since in customer company, normal user could only use webclient UI to access CRM with no SAPGUI installed. The authorization could be deleted by admin at any time if needed.
2. for UI component LOY102H_MSH, we enhance the view controller below, add a post exit on method DETACH_STATIC_OVW_VIEWS to filter the view
CUMSHMA.LOY102H_MSH/MSHMemberActivities by checking the authorization. The technical implementation could be found here.
The current user and current time is compared with authorization detail stored in custom table. If no authorization,
the assignment block will be hidden with a warning message displayed.