Portal
Roles
Use
Guided Procedures (GP) comes with a set of predefined SAP Enterprise Portal roles. To set up portal roles, you define the permissions for user access to a predefined GP workset.
The mapping between
users and GP portal roles is an administrative task. It is done using the user
management engine (UME) of
the Enterprise Portal (EP). For more information, see
Identity
Management.
Guided Procedures Portal Roles
The following roles can be assigned to a specific user.
Role |
Technical Name |
Description |
GP User |
com.sap.caf.eu.gp.roles.runtime |
Users assigned to this role can initiate processes and execute the actions that are assigned to them. No special UME permissions are assigned for this role. To see the GP runtime workset, you need to assign the GP Runtime WC role as well. |
GP Runtime WC |
com.sap.caf.eu.gp.roles.runtime_wc |
The GP runtime workset is added to the portal view of the users that are assigned to this role. You need to assign the GP User role as well, so that users can work with the runtime tools. |
GP Business Expert |
com.sap.caf.eu.gp.roles.designtime |
This role enables access to the Guided Procedures design time toolset. Users assigned to this role can see the design time workset in the portal. However, to be able to work with the design time tools, they must hold at least one of the following roles as well: ● GP Basic User, ● GP Expert User ● GP Advanced User |
GP Administrator |
com.sap.caf.eu.gp.roles.administration |
This role enables access to the Guided Procedures administration and transport tools. Users assigned to this role can manage process instances, configure queues, transport GP content across systems, and so on. |
GP Security Administrator |
com.sap.caf.eu.gp.roles.securityadmin |
This role enables users to manage the impersonation settings for callable objects of type External Service or Web Service. For more
information, see
|
GP Superuser |
com.sap.caf.eu.gp.roles.superuser |
All permissions defined for Guided Procedures are assigned for this role. If you assign only this role to a user, the user will not see the GP worksets in the portal, but will hold all permissions to edit objects. To enable users to see the GP worksets, you must explicitly assign the GP Administrator, Business Expert, or User role to them.
Use this role in the following scenarios: ● In local development installations for test purposes ● In productive systems as an emergency user |
GP SAP System User |
com.sap.caf.eu.gp.roles.sap_system_user |
This role enables the execution of callable objects in GP from the back-end system side |
Design Time–Specific Roles
In addition to the roles listed above that grant access to entire GP worksets, you can also define design time-specific portal roles.
Role |
Technical Name |
Description |
GP Basic User |
com.sap.caf.eu.gp.roles.dt.basic |
This role enables users to access functions that the GP Administrator has assigned to the basic permission level. |
GP Advanced User |
com.sap.caf.eu.gp.roles.dt.advanced |
This role enables users to access functions that the GP Administrator has assigned to the advanced permission level. |
GP Expert User |
com.sap.caf.eu.gp.roles.dt.expert |
This role enables users to access functions that the GP Administrator has assigned to the expert permission level. |
More Information:
Role Assignment