In SAP NetWeaver BW release 7.3 a new Analysis Authorizations BAdI was introduced: BAdI RSEC_VIRTUAL_AUTH_BADI as part of Enhancement Spot RSEC_VIRTUAL_AUTH. The authorized values or hierarchy nodes can be determined dynamically during query runtime. It does not require any Analysis Authorization objects and PFCG Roles. Virtual Authorizations can be used to enhance any existing “classic” authorization model. I.e. you do not have to make an exclusive choice for one or the other, both classic and virtual can be used simultaneously and complementary.

I would like to share my implementation experience with virtual Profit Center and Cost Center authorizations. Please refer to my blogs Virtual Analysis Authorizations - Part 1: Introduction for an introduction and Virtual Analysis Authorizations - Part 2: Solution Details for the solution details.

In this document I will provide you with detailed implementation instructions for creating the control tables and their table maintenance views, implementing BAdI RSEC_VIRTUAL_AUTH_BADI and how to maintain the Implementing Class.

Please have a look here to download the attachment.

Step 1: Create Tables

SAP Menu: Tools > ABAP Workbench > Development > ABAP Dictionary

T/code: SE11

 

Create the following Tables and their corresponding Table Maintenance Dialog as shown in the screenshots:

• ZBW_VIRTAUTH_HIE - Virtual Authorizations - Hierarchy;


• ZBW_VIRTAUTH_VAL - Virtual Authorizations - Value;


• ZBW_VIRTAUTH_DEF - Virtual Authorizations - Default Hierarchy.

 

The Delivery and Maintenance settings as shown in the next screenshot are applicable for all tables.

 



Figure 1: Delivery and Maintenance Settings

 



Figure 2: Table Hierarchy Authorizations

 



Figure 3: Table Maintenance Dialog Hierarchy Authorizations

 



Figure 4: Table Value Authorizations

 



Figure 5: Table Maintenance Dialog Value Authorizations

 



Figure 6: Table Default Hierarchy

 



Figure 7: Table Maintenance Dialog Default Hierarchy

Step 2: Implement Enhancement Spot

SAP Menu: Tools > ABAP Workbench > Utilities > Business Add-Ins > Implementation

T/code: SE19

 

Implement Enhancement Spot RSEC_VIRTUAL_AUTH as shown in the screenshots.

 



Figure 8: Creating an Enhancement Implementation (1)

 



Figure 9: Creating an Enhancement Implementation (2)

 



Figure 10: Creating an Enhancement Implementation (3)

 

As shown in the next screenshot you should either choose for Copy Sample Class or Empty Class.

 



Figure 11: Creating an Enhancement Implementation (4)

 



Figure 12: Enhancement Implementation - General Settings

 



Figure 13: Enhancement Implementation - Implementing Class

 

If you previously chose for the option Empty Class, then don’t forget to implement method IF_RSEC_VIRTUAL_AUTHS~GET_AUTHS. Entering a comment will do for this moment.

Step 3: Maintain Class

SAP Menu: Tools > ABAP Workbench > Development > Class Builder

T/code: SE24

 

In Step 2 as part of the Enhancement Spot Implementation, Implementing Class YCL_RSEC_VIRTUAL_AUTHS was created without actual coding (in case of option Empty Class) or with samplecoding (in case of option Copy Sample Class). You now have to maintain the class to provide the appropriate coding.

Refer to the attached file YCL_RSEC_VIRTUAL_AUTHS_v2.txt. From here you can quite easily copy & paste the source code (part 1) and the descriptions (part 2).