Financial Management Blogs by SAP
Get financial management insights from blog posts by SAP experts. Find and share tips on how to increase efficiency, reduce risk, and optimize working capital.
cancel
Showing results for 
Search instead for 
Did you mean: 
0 Kudos

Here is an example created in the sample database "pwsample" regarding how to use "INDEX USER-CASE-ENDINDEX" statement to restrict web application users' access to particular dimension members so different users could have a different view when accessing the same scorecard (For example, User1 takes charge of all the stores of Boston and this user should not have the access to the data of stores in Miami.)

1. Create two PAS users with properties similar to the default user “Guest”, “Guest1” and “Guest2”.

2. Use the PAS model “HFPBM” in exclusive mode. Create a procedure named “Security” in the PAS model “HFPBM” with the following
content:

INDEX USER

CASE Guest1

…Guest1 is restricted to Boston on Store dimension

…Guest1 is restricted to Women and members below Women on PRODUCT dimension.

SELECT PRODUCT Women

SELECT PRODUCT plus Below Women

SELECT STORE Boston

CASE Guest2

… Guest2 has the full access

CASE Guest

…Guest has no access to any dimension members.

SELECT PRODUCT NONE

SELECT STORE NONE

SELECT CUSTOMER NONE

ENDINDEX

3. Exit PAS.

4. Modify the model connection of HFPBM, add more Application Server Connections, “Guest1” and “Guest2”. Assign the web application user “SSM_USER1” to “Guest1”, and the web app user “SSM_USER2” to “Guest2”.

5. Connect to the context “Fashion Enterprise” in the sample database “pwsample” separately through “SSM_USER1” and “SSM_USER2”. Compare the difference.

Scorecard of the user "SSM_USER1"

Scorecard of the user "SSM_USER2"