Portal Roles
Use
Guided Procedures comes with a set of predefined portal roles. They define the permissions for user access to a predefined GP workset.
Integration
The mapping between users and GP portal roles is an
administrative task. It is done using the User Management console of SAP
NetWeaver Portal. For more information, see
Identity Management.
Features
Guided Procedures Portal Roles
Role |
Technical Name |
Description |
GP User |
com.sap.caf.eu.gp.roles.runtime |
Users assigned to this role can initiate processes and execute the actions that are assigned to them. No special UME permissions are assigned for this role. To see the GP runtime workset, you need to assign the GP Runtime WC role as well. |
GP Runtime WC |
com.sap.caf.eu.gp.roles.runtime_wc |
The GP runtime workset is added to the portal view of the users that are assigned to this role. You need to assign the GP User role as well, so that users can work with the runtime tools. |
GP Business Expert |
com.sap.caf.eu.gp.roles.designtime |
This role enables access to the Guided Procedures design time toolset. Users assigned to this role can see the design time workset in the portal. However, to be able to work with the design time tools, they must hold at least one of the following roles as well: ● GP Basic User ● GP Expert User ● GP Advanced User |
GP Administrator |
com.sap.caf.eu.gp.roles.administration |
This role enables access to the Guided Procedures administration and transport tools. Users assigned to this role can manage process instances, configure queues, transport GP content across systems, and so on. |
GP Security Administrator |
com.sap.caf.eu.gp.roles.securityadmin |
This role enables users to manage the impersonation settings for callable objects of type External Service or Web Service. For more information, see
|
GP Superuser |
com.sap.caf.eu.gp.roles.superuser |
All permissions defined for Guided Procedures are assigned for this role. If you assign only this role to a user, the user is not able to see the GP worksets in the portal, but holds all permissions to edit objects. To enable users to see the GP worksets, you must explicitly assign the GP Administrator, Business Expert, or User role to them.
Use this role in the following scenarios: ● In local development installations for test purposes ● In productive systems as an emergency user |
GP SAP System User |
com.sap.caf.eu.gp.roles.sap_system_user |
This role enables the execution of callable objects in GP from the back-end system side. |
In
addition to the roles listed above that grant access to entire GP worksets,
design-time-specific portal roles are also defined. They enable the assigned
users to access design-time functions and callable object types, for which a
specific permission level (basic, advanced, or expert) is set. To configure
the permission level, you go to the
Administration Workset and open
General → Manage
Permissions.
Design-Time-Specific Roles
Role |
Technical Name |
Description |
GP Basic User |
com.sap.caf.eu.gp.roles.dt.basic |
This role enables users to access functions that the GP Administrator has assigned to the basic permission level. |
GP Advanced User |
com.sap.caf.eu.gp.roles.dt.advanced |
This role enables users to access functions that the GP Administrator has assigned to the advanced permission level. |
GP Expert User |
com.sap.caf.eu.gp.roles.dt.expert |
This role enables users to access functions that the GP Administrator has assigned to the expert permission level. |