Show TOC

Procedure documentationDefining Authorizations Locate this document in the navigation structure

 

You define authorizations to grant users (groups or roles) the permissions to execute one or more permitted actions in the ES Repository.

Note Note

These activities are performed by a system administrator.

End of the note.

In the ES Builder, you can either define new or edit default authorizations for the objects in a folder, namespace, or software component version. The system checks for authorizations based on hierarchy. Firstly, the system checks authorizations for folders and then authorizations for namespaces and software component versions. If no authorizations are defined, the default setting takes effect.

You also have the option of defining authorizations by using user roles.

More information: Defining User Roles

Prerequisites

  • You have created users, roles, and groups in the central user management.

    More information: User Management

  • You have activated the ES Repository property com.sap.aii.ib.server.acl.enable.

    For more information about activating authorization checks, see Activating ES Repository Properties for Authorization

Procedure

  1. Log on to the ES Builder.

  2. To define authorizations or edit the default settings, follow the steps below:

    1. To define authorizations, perform the following sub steps:

      1. Select a software component version, namespace, or folder in the navigation tree.

      2. In the context menu, choose Edit Authorizations.

    2. To edit the default settings for authorizations, choose   Tools   Default Settings for Authorizations  .

    The Edit Authorization screen is displayed.

  3. To create a new authorization, choose Insert New Authorizations (Insert New Authorizations).

  4. In the Type column, specify whether you want to assign authorizations to a user, group, or role.

  5. In the Name column, select the name of the user, group, or role.

  6. In the Permissions column, select from the following permitted actions:

    • Edit Authorizations - Allows the selected user, group, or role to modify the authorizations defined in ES Builder

    • Execute Reports - Allows the selected user, group, or role to run reports on the Process Component Interaction Models and assign defined usage profiles to users

    • Write - Allows the selected user, group, or role to create, modify, and delete objects

  7. If you want objects at the current level to inherit the authorizations assigned to objects at a higher level, follow the steps below:

    1. Choose Inherit Selected Authorizations (Inherit Selected Authorizations).

    2. In the Select Selective Authorizations dialog box, select the authorizations that you want to inherit for the current level, and choose Apply.

  8. To assign authorizations defined for the current object to all the substructures, for example all underlying folders, choose Propagate All Authorizations to Substructures (Propagate All Authorizations to Substructures).

  9. Choose Apply.