With the various authorization objects you can control the extent to which a user can create or change a query. These authorizations are checked in the dialog for opening a query.
There are also special authorizations for Information Broadcasting.
When you open a query, you will see four pushbuttons in the dialog box. The History, Favorites and Roles buttons only display your own queries and those queries intended for you per role definition.
The InfoArea button enables you to look at all queries for which the user has display authorization. If this display authorization is not restricted to queries, the user will see all available queries in the system here. It is possible to hide the InfoArea button, if you do not want the user to see all queries in the system. The authorization object S_RS_FOLD with the field SUP_FOLDER can be used here. In order to hide the InfoArea button, set this field to X when authorizing, otherwise leave the field blank or set it to * (star – all authorizations). The button will be displayed if the authorization check fails.
It is also possible to make queries from particular owners (= OWNER = query creator ) available to other users ( = USER) for display or processing. The authorization object S_RS_COMP1 with four fields (COMPID, COMPTYPE, OWNER, ACTVT) is used here.
You can grant this authorization to a particular team or use the variable $USER to give all users the authorization for queries that they created themselves. “$USER” is replaced by the corresponding user name during the authorization check.
See also the Examples for Authorizations for the Query Definition.
Using the authorization object S_RS_BCS, you can determine which user is allowed to register broadcasting settings for execution and in which way.
· The only authorization necessary for the online execution of broadcasting settings is the authorization for the execution of the underlying reporting objects (for example, the Web template).
· Any user that has authorization to create background jobs also has authorization for direct scheduling in the background.
· If you need to work under the name of another user to execute broadcast settings (for example with user-specific precalculations), the authorization object S_BTCH_NAM for background scheduling is also required for the other user. For more information, see Authorizations for Background Processing and Defining Users for Background Processing.
When a query is opened, the authorization for the individual objects is checked. See also Overview: Authorization Objects