Ansicht
Dokumentation

/VIRSA/BAPI_AE_USER_ANALYSIS_N - BAPI to get SOD Object Analysis Report

/VIRSA/BAPI_AE_USER_ANALYSIS_N - BAPI to get SOD Object Analysis Report

SUBST_MERGE_LIST - merge external lists to one complete list with #if... logic for R3up   TXBHW - Original Tax Base Amount in Local Currency  
This documentation is copyright by SAP AG.
SAP E-Book

Functionality

Purpose:

This function module is used to facilitate the user in performing SOD analysis at the role as well as the user level. The user can provide a user logon name and/or roles to simulate an SOD analysis. The user can execute this function module to view risks associated with role violations, critical transactions, critical roles - at the transaction-level or object-level. The user can specify additional preferences, such as the analysis type, inclusion/exclusion of mitigation, critical transactions and critical roles in the analysis, and whether they want to additionally perform the analysis with the object details or not. A detailed explanation of the parameters is given below.

Function module parameters:

Input parameters

USERID: This is the R/3 logon user name that corresponds to the user for whom the SOD analysis is performed. "UserID" may correspond to a new user name or to an existing one.

MITIGATION: This input parameter is used to specify whether the user wants to include mitigation in the analysis or not. If the user sets the value of this parameter to "N", the analysis includes mitigation information; and if the the user sets the value of this parameter to "Y", the SOD analysis excludes mitigation. The default is set to "Y" - and hence mitigation is excluded by default.

ANALYSISTYPE: The user has an option of specifying the type of SOD analysis to be performed. The user can set this variable to "O" for Object level analysis, and to "T" for Transaction level analysis.

CRTCODE: The user can set the value of this variable to "X" to view the critical transactions associated with the user/role. When the user sets the value of this variable to " ", critical transactions are not retrieved. The default is "X", which means that critical transactions are retrieved by default.

CRROLE: The user can set the value of this variable to "X" to view the critical roles associated with the user. When the user sets the value of this variable to " ", critical roles are not retrieved. The default is "X", which means that critical roles are retrieved by default.

OBJDETAIL: When the user sets the value of this variable to "X", details about all the objects associated with the risks are also included in the analysis.

Output parameters

ALLTCODE: This output parameter is used when a role or user has access to ALL the transactions. In such cases, the transactions, roles, violations, etc are not listed in the tables parameters (see table descriptions below). Instead, this variable is used as a flag and marked with the value "X" to signify that the particular role or user includes ALL transactions.

Table parameters

ROLE_LIST: The user can associate role(s) for performing the SOD analysis. This table parameter "ROLE_LIST" holds all the roles that are input by the user.

[ Note:

o This is the only table used as an input parameter. All the other table parameters are used for output.

o The user may or may not input the USERID along with the roles (ROLE_LIST) while performing the SOD analysis ]

VIOLATION_RISK: This output table lists all the risks associated in the analysis. "VIOLATION_RISK" returns the risk IDs, risk descriptions, risk levels and the number of violations associated with the risk.

VIOLATION_TCODES: This output table lists the risks, transaction code IDs associated with the risk, transaction code description and the description of the role associated with the transaction.

CRITICAL_TCODES: This output table lists the transaction codes of all the transactions termed "critical transactions", risk description, and the description of the roles associated with the transactions.

CRITICAL_ROLES: This output table lists the descriptions of the roles termed "critical roles", risk description and the risk level associated with the critical role.

RISK_TCODES: This output table lists the transaction codes of all the risks associated with the SOD analysis. This table includes the risk, and the transactions whose combinations produce that particular risk. For example, the transactions "VA01" and "VF01" may be associated with the risk "S007". This means that the two transactions: "VA01" and "VF01" when accessed in conjunction, produce the risk: "S007". [ Note: A description of the risk - "S007" for example - may be retrieved from the output table: VIOLATION_RISK described above.]

OBJECT_DETAIL: If the user specifies the input parameter "OBJDETAIL" as "X", then object details associated with the roles are displayed. [ NOTE: When the user specifies this option, the other output tables are not populated - mutually exclusive]

Example





Parameters

ALLTCODE
ANALYSISTYPE
COMPOSITE_ROLE
CRITICAL_TCODES
CRROLE
CRTCODE
CRTICAL_ROLES
LANGU
MITIGATION
OBJDETAIL
OBJECT_DETAIL
PROFILE_LIST
RETURN
RISK_TCODES
ROLE_LIST
USERID
VIOLATION_RISK
VIOLATION_TCODES

Exceptions

Function Group

SA/SAPLZAECCNH

PERFORM Short Reference   CPI1466 during Backup  
This documentation is copyright by SAP AG.

Length: 5444 Date: 20240328 Time: 174538     sap01-206 ( 117 ms )