Question:
Howdy all,
excuse me if I sound ignorant, this is becuase I am a BW consultant with a basic/intermediate understanding of Security.
We have a requirement here which means that in BW I need to set up a query writers roles but with a restriction that they can only change objects that were created by other people in their user group...
I know of security object S_RS_COMP1 which allows me to enter peoples names in but ideally I need this working at a user group level, that way there is less maintenance long term...
(teams are always swapping and changing)
any ideas would be appreciated...
PS: BW version 3.1
Answer:
This can be done by useing a naming convention per group for the technical names of the queries.
IN S_RS_RSCOMP1 assign the value $USER to RSZOWNER with activity 2 and everyone can only change their own queries. If you do not do this everyone can change all queires. Do this in a generel role you assign to all users
If however you want to allow group changes than in S_RS_COMP field RSZCOMPID put begining of the string that has been decided to be the naming convention for that group follwed by an * and people in the group with that role can change queries following the naming standard. Create a seperate query builder role for every group. with this in it.