Authorization Checks in Travel Planning
Definition
The authorization check for accessing objects in Travel Planning corresponds to the general SAP authorization checks.
The term
authorization object is of fundamental importance for the SAP authorization check. An authorization object is a list with a maximum of ten authorization fields. The authorization objects are listed in table TOBJ.All of the authorization fields existing in any authorization object are defined with their attributes in table AUTHA in the repository.
An authorization for an authorization object is an assignment of values to the object’s fields.
Several authorizations for an object can be collected in one composite profile.
For more information about authorizations and the profile generator see the SAP Library under Basic Components ® Computing Center Management System (BC-CCM) ® Users and Authorizations.
Authorization object Travel Planning (F_TRAVL)
This authorization object is used for the authorization check in Travel Planning.
When you call Travel Planning a check is first made as to whether you at least have reading authorization (authorization level R). If this is the case a more detailed authorization check is carried out in the transaction.
Note that the values specified for the individual fields do not generally include other values. This means that if you want to assign the authorization levels 'R' and 'W', you must specify each value specifically.
The authorization object contains the following fields:
Name of authorization field |
Meaning of field |
AUTHC |
Authorization level |
AUTHP |
Personnel number check |
BUKRS |
Company code |
KOSTL |
Cost center |
PERSA |
Personnel area |
PERSG |
Employee group |
PERSK |
Employee subgroup |
PTZUO |
Employee grouping for Travel Management |
VDSK1 |
Organizational key |
The values of the AUTHC and AUTHP are explained in more detail in the following section Values of the individual authorization fields.
The values for the authorization fields
BUKRS, KOSTL, PERSA, PERSG, PERSK and VDSK1 originate from Infotype 0001 (organizational assignment), the value for the field PTZUO is filled from the specifications Infotype 0017 (travel privileges).For more information about authorizations see the SAP Library under Basic Components ® Computing Center Management System (BC-CCM) ® Users and Authorizations ® Profile Generator: Generating Profiles Automatically.
Values of the individual authorization fields:
The authorization field AUTHC
In the components HR and Travel Management (FI-TV) the authorization level is defined using the field AUTHC. The following authorization level values are possible:
Value |
Authorization for |
R |
Read (display travel plans) |
W |
Maintain SAP data (create/change travel plans) |
A |
Approve travel plans |
B |
Book in connected reservation system |
C |
Book approved trips in connected reservation system |
Q |
Create trip templates |
* |
All operations |
You can only specify the values 'W', 'A', 'B' and 'C' together with 'R' and you must specify the value 'Q' together with 'R' and 'W'.
The authorization field AUTHP
In the field AUTHP the value for the personnel number check must be defined.
Value |
Authorization for |
O |
Own personnel number only |
E |
All personnel numbers except own |
* |
All personnel numbers |
If the authorizations in the AUTHP field have the value 'O' or 'E', the assignment user name/personnel number must be defined in the HR Infotype
0105 (communication), subtype 0001 (system user name SAP system).Example of the values for the authorization field AUTHP:
Assign the required authorizations for all the other fields as well.
In the case of the value 'O' you should, for the sake of simplicity, enter '*' in the employee's organizational assignment fields (that is, all the fields except AUTHC) so that you do not have to change the authorization values manually in the case of an organizational change, for example.