SAP Function RSSB_BW_AUTH_MODIFY - Generate BW Reporting Authorizations

Parameter	Reference	Type	Length	Default	Optional	Text
I_APPL_LOG_INITIALIZED	RS_BOOL	C	1	RS_C_FALSE	X	Boolean
I_APPL_LOG_TITLE	BAL_S_LOG-EXTNUMBER	C	100		X	Application Log: External ID
I_ASSIGN_TO_USER	RS_BOOL	C	1	RS_C_TRUE	X	Assign a Profile to the User
I_DELETE_FIRST	RS_BOOL	C	1	RS_C_TRUE	X	Previous Deletion of the Authorization
I_DETLEVEL	BAL_S_MSG-DETLEVEL	C	1	'2'	X	Application Log: Level of Detail
I_INFOPROV	RSINFOPROV	C	30		X	InfoProvider
I_TSX_AUTH_VALUES	RSSBR_TSX_AUTH_VALUES	h	32			BW Reporting Authorizations: User Authorizations
I_TS_USER_GEN	RSSB_TS_USER_GEN	h	101		X	User Information for Generating Authorizations

Parameter	Reference	Type	Length	Text
E_SUBRC	SYST-SUBRC	I	4	Return Value: 0=OK, 2=Cautions, 4=Error
E_T_MSG	RS_T_MSG	h	704	BW: Table with Messages (Application Log)
E_T_MSG_SHOW	RS_T_MSG_SHOW	h	1600	Application Log: Useful Data in the Log Display

Functionality
Note that this module may only be used by arrangement with theBusiness Intelligence! This module is not intended as a replacement forcorresponding functions in SAP NetWeaver.
The module generates BI authorizations for reporting. The requiredauthorizations are generated using data from an application (HR, forexample) so that users see in BI the same data that they are permittedor not permitted to see in the application transactions, even if theauthorization objects or authorization concepts are different.
Based on the description of the authorizations, an authorization iscreated (or changed) for users and authorization objects, a profile iscreated (if one does not exist already) and assigned to a user (if notassigned already). The profile has the same technical name as as theauthorization. The name is derived from the prefix 'RSR_' and a unique,consecutive number. This ensures that the generated authorization isspecific to a particular user, which also makes it easier to delete.
Generated authorizations and profiles must not, under any circumstances,be assigned to other users. It is, of course, possible to processauthorizations manually (in BW transaction RSSM, for example).
For every call, a log is created in the application log. The log isdisplayed using the report RSSB_BW_SHOW_LOG_AUTH_MODIFY, or transactionSLG1. Transaction SLG1 allows you to make further restrictions. Useobject 'RSSB_BW_AUTH' and the subobject 'GENERATE'.

Example
A typical application for this module looks something like this:
The authorization data is loaded into the BI system using an extractorfrom the application.
A program is started that uses this information to determine theauthorization description for each user and each authorization object.
The module that generates the required authorizations and the profile iscalled using this information.
In the program, the return value E_SUBRC is checked, and, particularlyin the case of E_SUBRC <> 0, messages are output in table E_T_MSG .

Notes
The demonstration program 'RSSB_BW_AUTH_DEMO_1' displays howyou call the module. Read the commentary in this program, since, beforeyou are able to start the program, you have to create a user, forexample. The commentary also describes the importance of the individualparameters again.
SAP reserves the right to generalize in the scenario described here, andto make the scenario available to all its customers.

Description
Module return value.

Value range
E_SUBRC is 0, if no errors or warnings occurred.
E_SUBRC is 2, if warnings also occurred.
E_SUBRC ist 4, if errors also occurred.

Description
Messages that were created during generation, have been written in theapplication log

Description
For the display of useful information in the application log.
Field T_MSG in the table is particularly interesting, as the message iscontained here in clear text (with converted variables).

Description
The application log has (value RS_C_TRUE) or has not (RS_C_FALSE) beeninitialized already.
During checking and generating, messages were written to theapplication log. The application log must be initialized once.
This paramter is set to RS_C_TRUE, if this module is called fromRSSB_BW_AUTH_MODIFY_RFC, as messages that must be written in the samelog may already exist there.

Value range
RS_C_FALSE or RS_C_TRUE

Description
External description of the application log.
During generation, messages were written to the application log, andsaved on the database. Using I_APPL_LOG_TITLE, you can choose the titlewith which the log is displayed in the overview.

Description
Complex table with the description of the authorizations for a user onthe basis of an authorization object.
You can create several authorizations for every user (field USER) andauthorization object (field OBJECT). The data is transferred into theAUTH table.
In the AUTH table, the authorized values are transferred into the RANGEand HIERARCHY tables. You can transfer an authorization name in theAUTH field. The authorization and profile generated then have thisname. If the AUTH field is blank, a unique name is generatedautomatically.
For every InfoObject (field IOBJNM) the RANGE table contains validvalues (field LOW) or intervals (fields LOW and HIGH) from theauthorization object. If the field for the authorization object is notderived from an InfoObject, the field name is given in IOBJNM andIOBJNM_IS_FIELDNM is set to rs_c_true.
The HIERARCHY table contains authorizations for hierarchies. You haveto specify each of the following values:
HIENM: ,,,,Hierarchy name
VERSION: ,,,,Hierarchy version
DATETO:,,,,Key date
NIOBJNM:,,,,Node InfoObject or 0HIER_NODE for a text node
NODE:,,,,Node value or text for a text node
AUTHTYPE: ,,,,Hierarchy type (see fixed value in the domainRSSAUTHHIERTYPE)
COMPMODE:,,Validity area of the definition (see fixed value in thedomain RSSBCOMPMODE)
TLEVEL:,,,,Level to which a drilldown in the hierarchy is possible.(Only useful with AUTHTYPE = 3)
USERDEFAULT:,,If this field is already rs_c_true, this authorization ofthe default value for the user is in the F4 help.