End-users, system administrators, and translators must all be assigned the appropriate authorizations allowing them to work with the SAP Query.
For example, end-users must not be authorized to maintain InfoSets.
You can set up authorizations in such a way, that certain end-users in a user group are authorized to maintain and execute queries, while other members of the same user group are authorized only to execute existing queries.
In order to give individual users targeted, specific rights, the following options are available:
Roles/user groups
A user has to be assigned to one or more role or user group before he or she can work with the Queries component.
This means that a user is able to access only those InfoSets assigned to the roles or user groups to which the user belongs.
Authorizations
You can also use authorization object S_QUERY to assign authorizations to users.
It has the field ACTVT, in which the following values can be entered:
Change (02)
Maintain (23)
Translate (67)
You can assign authorizations for each of these values.
Authorizations for the authorization object S_QUERY always refer to both work areas of the SAP Query.
If a user is given authorization to change queries, he or she is able to create and change queries in all the user groups to which he or she is assigned in both the standard area and the global area.
Activity |
Authorization |
---|---|
Maintaining queries |
A user requires the authorization with the Change (02) value for authorization object S_QUERY if you want him or her to be able to use the Queries component to create or change queries. You cannot revoke this authorization for the corresponding user group. You can restrict the authorization to change objects to individual user groups only. For more information, see Assigning Users and InfoSets. |
Executing queries |
|
Maintaining InfoSets |
If a user does not have this authorization, the only activities he or she can carry out are the following: selecting fields, connecting additional tables or structures, and defining parameters and selection criteria. |
Maintaining user groups |
A user requires the authorization with the Maintain (23) value for authorization object S_QUERY if you want him or her to be able to work with the User Groups component. |
Language comparison |
A user requires the authorization with the Translate (67) value for authorization object S_QUERY if you want him or her to be able to work with the Translation/Query component. |
Users who have authorization for the authorization object S_QUERY with both the values Change and Maintain, are able to access the queries in all the roles or user groups without being explicitly assigned to each of these roles or user groups.