Portal Roles (SAP Library - CAF Guided Procedures)

Portal Roles

Use

Guided Procedures comes with a set of predefined SAP Enterprise Portal roles. They define the permissions for user access to a predefined GP workset.

Integration

The mapping between users and GP portal roles is an administrative task. It is done using the User Management console of SAP Enterprise Portal. For more information, see Structure link User Administration Console.

Features

Guided Procedures Portal Roles

Role	Technical Name	Description
GP User	com.sap.caf.eu.gp.roles.runtime	The GP runtime workset is added to the portal view of the users that are assigned to this role. They can initiate processes and execute the actions that are assigned to them. No special UME permissions are assigned for this role.
GP Business Expert	com.sap.caf.eu.gp.roles.designtime	This role enables access to the Guided Procedures design time toolset. Users assigned to this role can see the design time workset in the portal. However, to be able to work with the design time tools, they must hold at least one of the following roles as well: ● GP Basic User, ● GP Expert User ● GP Advanced User
GP Administrator	com.sap.caf.eu.gp.roles.administration	This role enables access to the Guided Procedures administration and transport tools. Users assigned to this role can manage process instances, configure queues, transport GP content across systems, and so on.
GP Security Administrator	com.sap.caf.eu.gp.roles.securityadmin	This role enables users to manage the impersonation settings for callable objects of type External Service or Web Service. For more information, see Managing Impersonations.
GP Superuser	com.sap.caf.eu.gp.roles.superuser	All permissions defined for Guided Procedures are assigned for this role. If you assign only this role to a user, the user will not see the GP worksets in the portal, but will hold all permissions to edit objects. To enable users to see the GP worksets, you must explicitly assign the GP Administrator, Business Expert, or User role to them. Use this role in the following scenarios: ● In local development installations for test purposes ● In productive systems as an emergency user
GP SAP System User	com.sap.caf.eu.gp.roles.sap_system_user	This role enables the execution of callable objects in GP from the backend system side.

In addition to the roles listed above that grant access to entire GP worksets, design time-specific portal roles are also defined. They enable the assigned users to access design-time functions and callable object types, for which a specific permission level (basic, advanced, or expert) is set. To configure the permission level, you go to the GP Administration workset and open General ® Manage Permissions.

Design Time-Specific Roles

Role	Technical Name	Description
GP Basic User	com.sap.caf.eu.gp.roles.dt.basic	This role enables users to access functions that the GP Administrator has assigned to the basic permission level.
GP Advanced User	com.sap.caf.eu.gp.roles.dt.advanced	This role enables users to access functions that the GP Administrator has assigned to the advanced permission level.
GP Expert User	com.sap.caf.eu.gp.roles.dt.expert	This role enables users to access functions that the GP Administrator has assigned to the expert permission level.