You can use various authorizations in Case Management to control user access to case information. You set up authorizations by defining values for authorization objects in authorization profiles and then assigning them to users or user groups via roles.
You maintain authorization objects for user or roles in the SAP menu (
).For more information about authorizations, see SAP Authorization Concept.
The following authorization objects are specific to Case Management. In addition to these, you also require the SAP Records Management authorization objects. These are also included in the predefined roles. For a description of the SAP Records Management authorization objects, see The Authorization Concept for Working with Records Management (and subsequent sections) and The Authorization Concept for Customizing.
This object defines authorizations for entire cases. It contains the following authorization fields for which you can define values to control authorization:
CASETYPE: Case type
SCMG_ACT: Case processing activity, for example, create, change, or delete
SCMG_KEY: Key for authorization check
This field is a user exit that is relevant for authorization checks using the Business Add-In (BAdI) SCMG_AUTHORITY_S (method DETERMINDE_KEY). In this field, you can enter a current value for a field of an application. The BAdI generates a new key each time the authorization check is run.
This field is only checked if this BAdI is implemented.
SCMG_LVL: Authorization level
This field controls user access and processing activities dependent on the authorization level assigned to a case.
The values that you can enter for this field are specified in the Case Management Customizing activity
. At runtime, the system checks whether the user has authorization for the authorization level currently entered in the case. If the user does not have the correct authorization level, they cannot execute the activity.SCMG_ROLE: Role of the user in relation to the case (see above)
This field controls user access and processing activities dependent on the user's current role as defined in the case header data.
You can enter the value P (Processor) or R (Responsible)
for this field. Note that the value C is only relevant for SAP
Dispute Management (FIN-FSCM-DM)
.
Case processors have the role Processor
or Responsible
if
they are currently named in the case header as in the processor or person
responsible respectively. At runtime, the system checks which, if either,
of these roles the case processor currently has. If the user does not have
authorization for a role or is neither a processor or person responsible,
they cannot execute the activity.
SPS_ID: Element type within a case
This object defines authorizations for the attribute fields in a case header. It contains the following authorization fields for which you can define values to control authorization:
ACTVT: Activity (Change
, Display
)
CASETYPE: Case type
SCMG_FIELD: Attribute field
This field controls whether a user can display or change a case attribute.
SCMG_ROLE: Role of the user in relation to the case (see above)
SPS_ID: Element type within a case
This object defines authorizations to change the case status. It contains the following authorization fields for which you can define values to control authorization:
ACTVT: Activity (Change
)
CASETYPE: Case type
ORDER_NO: Status
The status that you enter here is the user-defined status, as defined in the Case Management Customizing activity
If you select values for this field using F4 Help, you can also see the details of the relevant status profile.SPS_ID: Element type within a case
This object defines authorizations for case notes. It contains the following authorization fields for which you can define values to control authorization:
ACTVT: Activity (Add or Create
, Change
, Display
)
CASETYPE: Case type
SPS_ID: Element type for case notes
TEXTID: Text ID
The values that you can enter for this field are specified in the Case Management Customizing activity
. At runtime, the system checks whether the user has authorization for the relevant type of text to determine whether the user can perform the desired activity for the text.