Ansicht
Dokumentation
SIMG_SWFMOD_ROLE - Manage Authorization
ABAP Short Reference CPI1466 during BackupThis documentation is copyright by SAP AG.
Rights to run transaction PFCG.
Recommendations are given as part of the activity description.
This activity launches the transaction PFCG.
This section covers the following activities:
- You assign roles to users for working with SAP Business Workflow Modeler.
- You maintain roles and their authorization profiles.
Different roles are delivered with the workflow modeler. These roles contain the authorizations and transactions for different tasks:
,,SAP_SWFMOD_ADMIN: give access to every single possible activity of the modeler
,,SAP_SWFMOD_USER: restricted access to activities (publish components and templates not possible)
,,SAP_SWFMOD_TRANSPORT: give access to the transport manager of the modeler (transaction ,,SWFMOD_TRANSPORT)
These roles can be used as template for customer-defined roles. To do so create copies of the roles with the profile generator and modify them as required. For example, you can restrict authorizations to certain modeler activities (authorization field SWFMODACTV) or restrict the access to certain components through folders (authorization field SWFMODFLD).
Within a role, it is defined which folders for components or templates the user can access. For example: users with role Sales have been given the authority for folders with the technical names SALES*. That means users can access all folders that start with technical name SALES like SALES_DISTRIBUTION or SALES_PLANNING.
When you create a new role keep the following in mind
- The Workflow Modeler will help you when creating folder by automatically setting or suggesting technical names corresponding to your rights:
- If admin sets technical name +* for the authorization field SWFMODFLD, the modeler will let you create first a folder with the technical name previously set (if not already used) and then with parental technical name +_ + free input. This newly created folder will inherit the * from its parent, that means that it will be possible for the user to create a new subfolder having with parental technical name + _ + free input#etc#with no limit of level#
,,,,Example: SWFMODFLD = CRM*; Folder having technical name CRM can be first created. It is possible ,,,,then to create a new folder with technical name CRM_SALES and then a subfolder ,,,,,,,, CRM_SALES_DISTRIBUTION and so on..
- If you set technical name without * for the authorization field SWFMODFLD the modeler will propose you this technical name when creating a new folder but only if it is not used by a folder since.
,,,,Example 2: SWFMODFLD = CRM
,,,,2 possibilities:
a. If technical name not already used by a folder, then the modeler suggest to create a folder having CRM as technical name. No subfolder can be created from this CRM folder (contextual menu disabled) as user right is restricted to CRM only.
b. If technical name already used by a folder, the modeler does not propose it and no folder can be created, as the right is restricted to CRM only.
,,In the role editor/authorization management, F4 for authorization field SWFMODFLD gives you the list of ,,existing folders (their technical name) but you are free to enter any other technical name (MINE* for example): ,,this technical name will be then suggested by the modeler when creating a new folder. Consequently when you ,,define your folders in the modeler or indirectly in the role do it in respect with your role strategy and in respect ,,with the consistency of the component or template library/repository.
- The Workflow Modeler will prevent you to create folders that you would not see then. That is why a folder having a tool tip: technical name without * cannot be extended.
TXBHW - Original Tax Base Amount in Local Currency General Data in Customer Master
This documentation is copyright by SAP AG.
Length: 4482 Date: 20240606 Time: 192235 sap01-206 ( 90 ms )
