Ansicht
Dokumentation
P_ABAP - HR: Reporting
Fill RESBD Structure from EBP Component Structure PERFORM Short ReferenceThis documentation is copyright by SAP AG.
Definition
The authorization object HR reporting (P_ABAP) is used in many ways:
- HR Reporting with HR Reporting are reports with the logical database PNP.
- Logged changes in infotype data
- Processing person-related data using payment medium programs from Accounting.
To 1.You can use the relevant authorization for these objects to control how the objects HR: Master data (P_ORGIN), HR: Master data - extended check (P_ORGXX) and structural authorization check are used in specified reports to check the authorization for HR infotypes. In this way, you can carry out a fine-tuned control on reports for infotype authorization. This can be useful for functional reasons or to improve performance at runtime of the corresponding reports.
For this object, specify the report name(s) and the degree of simplification to be used for the authorization check.
Note
Note that this object differs from the object ABAP: Program run checks. The latter is used for general program authorization checks. In HR reports, these checks are carried out in addition to the HR infotype authorization check. HR: Reporting, however, overrides the HR infotype authorization check for selected reports, with the result that the authorization checks are weakened or completely switched off.
Examples
- In your company, the authorization for infotypes is, for example, independent of the authorization
for specific organizational units (one administrator may be authorized to access address, personal and
education data only for personnel area 0101 - but not for address data in personnel area 0101 and personal
data in personnel area 0102). If you enter 1 in the Degree
of simplification field, the above facts are taken into account in the specified report and the check is carried out more quickly for a user with this authorization.
- If certain HR reports are not critical (telephone lists etc.) and authorization protection is not
required, enter the report name and * in the Degree
of simplification field. The system then checks whether the person starting the report is authorized
to do so (object - ABAP/4: Program run checks), but performs no other checks (object - HR: Master data).
- In your company, one user may have access to all HR infotype data. For this user, enter *
in the Report name and Degree of simplification
fields. The system then only checks whether this user is authorized to start the report in question but not whether he/she is authorized to display the requested HR infotype data.
- A time adminstrator should carry out time evaluations (report HR: Time - time
evaluation (RPTIME00) for employees with the organizational key 0001TIMEXXX.
For certain additional information that is needed internally (the program user either cannot see this,
or can only partially see it), the Basic pay infotype (0008)must be imported,
for example, to time evaluation. To carry out time evaluation, the administrator must therefore have
display authorization for the Basic pay infotype (0008). If the administrator
is not to have display authorization for this infotype, the read authorization for the Basic
pay infotype can be restricted for individuals with the organizational key 0001TIMEXXX
for the report HR: Time - Time evaluation (RPTIME00). For this, use the following authorization
- Object HR: Master data (P_ORGIN) (two authorizations)
Infotype 0008 ' '
Subtype * ' '
Authorization level R ' '
Organizational key ' ' 0001TIMEXXX
...
- Object HR: Reporting (P_ABAP)
Report name RPTIME00
Degree of simplification 1
In this way, a simple check is carried out for the authorization check infotype in conjunction with the report HR: Time - Time evaluation (RPTIME00): The infotype, subtype, level are checked, and then, independently, the organizational assignment (in the example, the Organizational key field) (according to degree of simplification 1). In report HR: Time - Time evaluation (RPTIME00), infotype Basic pay (0008) can also be read. However, if the check is not in conjunction with the report HR: Time - Time evaluation (RPTIME00), all fields of the object HR: Master data (P_ORGIN) are checked together, but in this way there is no read access to the Basic pay infotype (0008).
TO 2. Evaluations of the logged changes in infotype data are subject to infotype authorization checks. However, usually, someone, who starts such an evaluation, has extensive authorizations. In this case, it is useful, in order to ensure improved performance, to do without the check of individual data and instead, grant the user global authorization for logging evaluations using the report Logged changes in the infotype data (RPUAUD00). For this, use an authorization for the object, by specifying the value RPUAUD00 in the Report name field, and the value 2 in the Degree of Simplification field.
To 3 The payment medium program of accounting processes, in particular, confidential personal data. In addition the check to see whether the user is authorized to start the program, a check to see whether the corresponding authorization exists for the object is also carried out, as an additionl security measure : The name of the payment medium program must be entered in the Program name field, the value 2 (or * must be entered in the Degree of simplification field.
Defined fields
- Report name
rdisp/max_wprun_time - Maximum work process run time CPI1466 during Backup
This documentation is copyright by SAP AG.
Length: 7628 Date: 20240602 Time: 163740 sap01-206 ( 183 ms )
