Implementing Virtual Analysis Authorizations
In SAP NetWeaver BW release 7.3 a new Analysis Authorizations BAdI was introduced: BAdI RSEC_VIRTUAL_AUTH_BADI as part of Enhancement Spot RSEC_VIRTUAL_AUTH. The authorized values or hierarchy nodes can be determined dynamically during query runtime. It does not require any Analysis Authorization objects and PFCG Roles. Virtual Authorizations can be used to enhance any existing “classic” authorization model. I.e. you do not have to make an exclusive choice for one or the other, both classic and virtual can be used simultaneously and complementary.
I would like to share my implementation experience with virtual Profit Center and Cost Center authorizations. Please refer to my blogs Virtual Analysis Authorizations – Part 1: Introduction for an introduction and Virtual Analysis Authorizations – Part 2: Solution Details for the solution details.
In this document I will provide you with detailed implementation instructions for creating the control tables and their table maintenance views, implementing BAdI RSEC_VIRTUAL_AUTH_BADI and how to maintain the Implementing Class.
Please have a look here to download the attachment.
Step 1: Create Tables
SAP Menu: Tools > ABAP Workbench > Development > ABAP Dictionary
Create the following Tables and their corresponding Table Maintenance Dialog as shown in the screenshots:
- ZBW_VIRTAUTH_HIE – Virtual Authorizations – Hierarchy;
- ZBW_VIRTAUTH_VAL – Virtual Authorizations – Value;
- ZBW_VIRTAUTH_DEF – Virtual Authorizations – Default Hierarchy.
The Delivery and Maintenance settings as shown in the next screenshot are applicable for all tables.
Figure 1: Delivery and Maintenance Settings
Figure 2: Table Hierarchy Authorizations
Figure 3: Table Maintenance Dialog Hierarchy Authorizations
Figure 4: Table Value Authorizations
Figure 5: Table Maintenance Dialog Value Authorizations
Figure 6: Table Default Hierarchy
Figure 7: Table Maintenance Dialog Default Hierarchy
Step 2: Implement Enhancement Spot
SAP Menu: Tools > ABAP Workbench > Utilities > Business Add-Ins > Implementation
Implement Enhancement Spot RSEC_VIRTUAL_AUTH as shown in the screenshots.
Figure 8: Creating an Enhancement Implementation (1)
Figure 9: Creating an Enhancement Implementation (2)
Figure 10: Creating an Enhancement Implementation (3)
As shown in the next screenshot you should either choose for Copy Sample Class or Empty Class.
Figure 11: Creating an Enhancement Implementation (4)
Figure 12: Enhancement Implementation – General Settings
Figure 13: Enhancement Implementation – Implementing Class
If you previously chose for the option Empty Class, then don’t forget to implement method IF_RSEC_VIRTUAL_AUTHS~GET_AUTHS. Entering a comment will do for this moment.
Step 3: Maintain Class
SAP Menu: Tools > ABAP Workbench > Development > Class Builder
In Step 2 as part of the Enhancement Spot Implementation, Implementing Class YCL_RSEC_VIRTUAL_AUTHS was created without actual coding (in case of option Empty Class) or with samplecoding (in case of option Copy Sample Class). You now have to maintain the class to provide the appropriate coding.
Refer to the attached file YCL_RSEC_VIRTUAL_AUTHS_v2.txt. From here you can quite easily copy & paste the source code (part 1) and the descriptions (part 2).