Setting up authorizations when execution is done locally 

Regarding eCATT authorizations, you have to distinguish between two parts: the eCATT execution itself and the part in which the application is tested. Normally this is done on two different systems:

●      The eCATT script is located in system TCS (Test Content System). The eCATT code interpretation is also done in the TCS.

●      The test of the application itself is done in system SUT (System Under Test).

When the TCS and the SUT are the same, the authorizations in TCS and in SUT could contradict each other. There are two ways to overcome this:

Option 1

●      Allow activity 16 with SCAT and *.

This enables the execution in the target system. The reason is that if SCAT is allowed, also SECATT is allowed (and will not be checked separately).

●      Restrict activity 16 with ECAT, ECSC, ECTC to the allowed objects.

Option 2

●      Allow activity 16 with *.

This enables the execution in the target system for all eCATT objects.

●      As you also want to restrict the execution to certain eCATT objects, instead of restricting the execution of these objects (activity 16), you can simply restrict to display these objects (activity 03). Activity 03 is checked before the execution as well, as nobody should be allowed to execute when he is not allowed to display a certain eCATT object.

Disadvantage of option 2: Users will not be able to display the eCATT objects which are not included in the authority of the second step.