Role Administration

Use

You can define roles for Case Management, to which you then assign authorizations (transaction PFCG). SAP supplies two example roles:

  • SAP_BC_CM_USER

    This role contains all authorization objects that are relevant for using Case Management.

  • SAP_BC_CM_ADMINISTRATOR

    This role contains all authorization objects that are relevant for the use, administration, and Customizing of Case Management.

The authorization objects that are specific to Case Management are documented below. In addition to these, you also require the Records Management authorization objects. These are also included in the example roles. For a description of the Records Management authorization objects, see the following sections of the Records Management documentation: The Authorization Concept for Working with Records Management (and subsequent sections) and The Authorization Concept for Customizing.

Authorization Object S_SCMG_CAS

The authorization object refers to cases. It has the following authorization fields:

  • CASETYPE: Technical name of a case type.

  • SCMG_KEY: Key for the authorization check

  • SCMG_ACT: Number of an activity.

    This key is not saved in the case. Instead, a new one is created every time that the authorization check is started. The key represents an user exit. In the field you can enter the current value of a field of an application. To use the user exit, you have to implement the BAdI SCMG_AUTHORITY_S and the method DETERMINE_KEY. If the BAdI is not implemented, this field is not checked.

  • SCMG_LVL: Values of the attribute "authorization level".

    The values that you enter must have already been created in the IMG activity Create Values for Attribute "Authorization Level". During runtime the system checks whether the user has the authorization for the authorization level that is entered in the case. If the user does not have the authorization, he or she is not permitted to perform the activity.

  • SCMG_ROLE: Role of the user for the current object.

The following values are possible: "P" (Processor) or "R" (Responsible). Each user has a particular role when processing a case: The user is the Processor when he or she is currently scheduled as the processor of the case. The user is the Responsible if his or her user name is currently entered as the attribute Responsible. During runtime, the system checks which of the two roles the processor of a case currently has. If the processor does not have the authorization for this role, he or she is not permitted to perform this activity. In other applications, additional values can be used here. To assign authorizations to users who do not have a particular role for the object (case), enter * in this field.

  • SPS_ID: ID of an element type for cases

Authorization Object S_SCMG_FLN

This authorization object refers to the attributes of a case. It has the following authorization fields:

  • ACTVT: Number of an activity.

  • CASETYPE: Technical name of a case type

  • SCMG_FIELD: Technical name of an attribute of the case

    When the case is displayed, the user only sees the attributes for which he or she has authorization.

  • SCMG_ROLE: Role of the user in relation to the current object (see above)

  • SPS_ID: ID of an element type for cases

Authorization Object S_SCMG_STA

This authorization object refers to the status of a case.

  • ACTVT: Number of an activity.

  • CASETYPE: Technical name of a case type

  • ORDER_NO: Number of the status

  • SPS_ID: ID of an element type for cases

Authorization Object S_SCMG_TXT

This authorization object refers to case notes.

  • ACTVT: Number of an activity.

  • CASETYPE: Technical name of a case type

  • SPS_ID: ID of an element type for case notes

  • TEXTID: Text ID

    The values that you enter must have already been created in the IMG activity Set Text IDs.