Defining Authorizations

You define authorizations to grant users (groups or roles) the permissions to execute one or more permitted actions in the ES Repository.

Prerequisites

You are familiar with the concepts of authorization in the ES Repository. For more information, see Authorizations.
You have created users, roles, and groups in the central user management. For more information, see User Management.
If you want to assign basic permissions to users:
- You have activated the ES Repository property com.sap.aii.ib.server.acl.enable.
  If you have installed SAP NetWeaver CE in your landscape, see Activating ES Repository Properties for Authorization.
  
  If you have installed SAP NetWeaver Process Integration in your landscape, see Creating Users with Data-Dependent Authorizations.
- You are assigned to the role SAP_XI_ADMINISTRATOR_J2EE or SAP_XI_CONTENT_ORGANIZER_J2EE.
If you want to assign advanced permissions to users:
- You have enabled advanced authorizations. For more information on how to enable advanced authorizations, see Configuring Advanced Authorizations.
- You are assigned to the role SAP_XI_ADMINISTRATOR_J2EE.

Procedure

Log on to the ES Builder.
From the navigation tree, select the object, folder, namespace, or software component version on which you want to define permissions.
In the context menu, choose Edit Authorizations.
To create a new authorization, choose (Insert New Authorizations).
In the Type column, specify whether you want to assign authorizations to a user, group, or role.
In the Name column, select the name of the user, group, or role to which you want to assign authorizations, using F4 help.
In the Authorizations column, select the actions you want to assign to the specified user, group, or role, using F4 help.
If you want to copy the assigned authorizations from higher level objects to lower level objects, follow the steps below:
1. Choose (Inherit Selective Authorizations).
2. In the Select Selective Authorizations dialog box, select the authorizations that you want to copy and choose Apply.
If you want to assign authorizations saved for the current object to all the substructures, for example all underlying folders, choose (Propagate All Authorizations to Substructures) .
If you want objects at the current level to inherit authorizations assigned at a higher level, select the Inherit permission from parent check box.
A list of valid actions with details of the parent from whom the permissions is inherited is displayed.

Note
This field is displayed only if advanced authorizations are enabled.

End of the note.
Choose Apply.
Note
- To view a list of all the authorizations defined in the ES Builder, choose Tools Display Edited Authorizations .
- To view authorizations modified by users, refer to the change logs in the SAP NetWeaver Administrator. Filter the Category column by /System/Changes/Security/AccessControl and the Application column by sap.com/com.sap.xi.repository.
End of the note.