Authorizations for
Documents 
Definition
A user needs the appropriate authorizations to display or edit a document for a BI object.
Use
In order to edit documents in the Documents functional area of the Data Warehousing Workbench the user needs authorization for the authorization object S_RS_ADMWB Data Warehousing Workbench Object with the respective document class:
· Metadata: DOC_META
· Master data: DOC_MAST
· InfoProvider data: DOC_TRAN
In order to edit documents on the Documents screen for a specific BI object, the user needs the following authorizations for the individual document classes:
...
1. Metadata
If you have the authorization to display or to edit a metadata object, you can also display or edit the documents for these metadata objects.
Valid activities are:
Activity |
Name in BI Context |
What You Need to Know |
03 (display) |
display |
|
23 (maintain) |
maintain |
Included are: create, change, delete |
2. Master data
If you have the authorization to display or to edit in specific master data, you can also display or edit the documents for these characteristic values.
Valid activities are:
Activity |
Name in BI Context |
What You Need to Know |
03 (display) |
display |
|
23 (maintain) |
maintain |
Included are: create, change, delete |
3. InfoProvider data
Authorization objects for InfoProvider data are not delivered. They are created as required. For more information, see Analysis Authorizations.
Note: The Activity field needs to be included in the authorization objects that are to model the authorizations for documents. The user only has display authorization if this field is missing. We recommend you include the Activity field particularly for new projects or sub-projects.
To include the Activity field in existing authorization objects, you firstly need to delete all previous authorizations. For running projects, we therefore recommend the following procedure: Assign the old authorizations to those users who receive the display authorization. Create a new authorization object with the field Activity and also give this to users who are also to be given authorization for editing documents.
If a Reporting user has the display authorization for the InfoProvider data of a specific area (for example, customer 1-1000 and material 3000-5000), this user can also display the documents for this InfoProvider data.
The BI Security Manager has to be configured in the portal so that the checks described can be performed for the documents in the portal too.
In order to give a user the authorization for editing InfoProvider data documents, the system administrator has the following options:
Activity |
Name in BW context |
What You Need to Know |
The user receives the authorization for the data with activity 36 (enhanced maintenance) in the authorization objects for InfoProvider data. |
maintain_documents |
You can also assign display authorization for one area, and editing authorization for the other.
Note: In this case, the user is not allowed the authorization “Authorization object S_RS_ADMWB Data Warehousing Workbench Object = DOC_TRAN“ for the maintenance of documents (see next row). |
With the authorization objects for InfoProvider data, the user has the display authorization for the data (display) and additionally receives authorization to maintain documents: Authorization object S_RS_ADMWB Data Warehousing Workbench Object = DOC_TRAN |
maintain |
A different assignment of authorizations is not possible: for all of the areas for which the user currently has no authorization, the user receives, along with this, the authorization to edit. We recommend that you assign a Reporting user only this combination of authorizations if it would be too time-consuming to change all the existing authorization objects individually. |