cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

APM/APMe Security groups details

Display_Name
Explorer

2 weeks ago - last edited 2 weeks ago

Hello,

To monitor changes related to the roles and permissions of users. My goal is creating a security report that sums up the users/security groups and the detailed hierarchy of access permissions for Portals, Menus, Forms, Fields, Functions, Features , Widgets and Dashboards.

My objective is to obtain the required data by using a QB query that adheres to the data base entities. I'm having trouble comprehending the connections between these entities, particularly how they link together from Portals to Actions through menus and sub-menus and forms. Accurately mapping out which users and groups have access to specific elements within APM requires this understanding.

Here is what I have managed to decipher so far:

  • The entity UserSet includes users.
  • the entity SecGroup includes security groups.
  • the entity SecDet includes restricted security levels (UI elements):  Forms, Fields, Actions (Functions), Features, Widgets with its type of Access.
  • The entity MenuMetadata contains the list of Portals/menus/Menu tabs (without specifying the hierarchy)
  • The entity FormMetadata includes Forms and its relation ships with MenuMetadata entity.

Expected report format: Security Group | Portal | Menu | Sub Menu | Menu Tab | Form | Field | Function (Action) | Dashborad | Wdiget | Feature | Access ( Permission )

SAP's available web documentation (also APM Data Dictionary) primarily focuses on user-oriented information and configuration settings, and does not include details on the database schema.

Could you please provide guidance, detailed documentation, or example SQL queries that explain these relationships? Insights into the relevant database schema would be extremely helpful.

PS: the challanges also are:

  • To distinguish between components that are secured and those that are not (what is in Secdet versus what is not in Secdet)
  • Also what is in Secdet for specific security groups vs what is not in SecDet for specfic security groups
  • A form X can be accessible if you look at it on SecDet but at the sometime it can not be accessible because the form Z which precedes it is not accessible.

 

regards,

K.A

 

Show replies
Show replies
PhillipButts
Product and Topic Expert
Product and Topic Expert
2 weeks ago
Hi, K.A., Let me do some digging around and see what I can come up with to help you.
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

PhillipButts
Product and Topic Expert
Product and Topic Expert
a week ago

We are still researching. It may take a while to get things in order.

Show replies
Show replies
PhillipButts
Product and Topic Expert
Product and Topic Expert
Friday
0 Kudos

Hi, We are still researching but the majority of this logic is in the code base (ie not stored in the database layer).

We have asked engineering if there is a simple way that we could create a report using this logic as a product enhancement. Please go to the influence portal and vote for this feature if it is there or create an enhancement request.

Show replies
Show replies
FrankMalenfant
Explorer
2 weeks ago
0 Kudos

Hi,

Do you find any answer/solution yet, becasue we have the same requirement ?

 

Thank

Show replies
Show replies
Display_Name
Explorer
2 weeks ago
0 Kudos

@PhillipButts : I will wait for you. Thank you in advance!

Show replies
Show replies
Ask a Question