Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Confidential
Page 1
0.1
07/04/2010
Huai Ying
First Draft
Document References
No. Document
1 2 Business Blueprint - IC
Location
\\163.243.220.175\share\CRM_Project_Docs\Blueprint\SAP-CRM-IC-BusinessBlueprintSignoff.doc ACE For IC Business Partner \\\163.243.220.175\share\CRM_Project_Docs\Functional Spec\ACE\Phase 1B - IC\ACE For IC Business Partner.pdf
Confidential
Page 2
Contents
1. Access Control Engine ............................................................................................................. 4 1.1 Purpose ........................................................................................................................... 4 1.2 Functional Requirements (Business Scenario & Requirements) .................................... 4 2. Solution Design ....................................................................................................................... 5 2.1 Business Process Model .................................................................................................. 5 3. ACE Customizing ..................................................................................................................... 7 3.1. General Parameter Settings ............................................................................................ 7 3.2. Rules Customizing ........................................................................................................... 7 3.2.1. Actor Type Customizing .............................................................................................. 7 3.2.2. Actor From Object Customizing .................................................................................. 8 3.2.3. Object By Filter Customizing ....................................................................................... 8 3.2.4. Actor For User Customizing ........................................................................................ 9 3.2.5. Rule Customizing......................................................................................................... 9 3.3. Rights Customizing .......................................................................................................... 9 3.3.1. Create Work Package ................................................................................................ 10 3.3.2. Create User Group .................................................................................................... 10 3.3.3. Create Rights ............................................................................................................. 10 3.4. ACE Event Background Job ........................................................................................... 11 4. ACE Maintenance .................................................................................................................. 12 4.1. Activate/Deactivate ACE ............................................................................................... 12 4.2. Analyze Design Data...................................................................................................... 13 4.3. Simulating Runtime Result ............................................................................................ 14 4.4. Update User or Object .................................................................................................. 16 4.4.1. Update User Context ................................................................................................ 16 4.4.2. Update Object Context ............................................................................................. 17 5. ACE Enhancement ................................................................................................................. 17 5.1. DDIC Objects ................................................................................................................. 17 5.1.1. Data Elements ........................................................................................................... 18 5.1.2. Database Tables ........................................................................................................ 18 5.2. Class ZCL_CRM_ACERULE_EMP_NAME ........................................................................ 19 5.2.1. Method IF_CRM_ACE_ACTORS_FROM_USER ~ GET_ACTORS_FROM_USER .......... 19 5.3. Class ZCL_CRM_CMG_EMP_SR..................................................................................... 19 5.3.1. Method IF_CRM_ACE_OBJECTS_BY_FILTER ~ GET_OBJECTS_BY_FILTER ................ 19 5.3.2. Method IF_CRM_ACE_ACTORS_FROM_USER ~ GET_ACTORS_FROM_OBJECTS ..... 21 6. Appendix ............................................................................................................................... 24
Confidential
Page 3
The document defines the Goodyear Interaction Center (IC) Agent or Service Professional searching for Case by employee responsible or Processor. This document collates both functional requirements and technical requirements. No separate document will be created.
1.2
A Customer Transactional Table at Section 5.1 will be created to store user name of IC Agent and higher level users such as IC Manager who are allowed to view all transaction data responsible by the agent. Thus, users at high level in the table could see all cases created by lower level users.
Confidential
Page 4
2. Solution Design
2.1 Business Process Model
Access Control Engine (ACE) Concept involves an Actor which represents the relationship between User and Object. Cases can only be accessed by the employee responsible or higher level user in the table. Therefore, IC Agent / Service Professional are the Actor, Case is the Object and Goodyear Employee is the user. ACE filtering process requires three technical enhancements as below: Actor for User filters Goodyear employee and Business Partners he responsible for. Actor from Object filters Case based on employee responsible or processor. Object by Filter filters Goodyear cases
Employee
User
Cases
(Object)
Confidential
Page 5
During creation for Case, IC Agent / Service Professional can be partner functions as Responsible or Processor. Table below shows the partner functions of each case type.
Table 1: Table of ACE filtering criteria
Business Transaction ZC_1 GY_General Information ZC_2 GY_Product Details ZC_3 GY_Order Related ZC_4 GY_Retailer GDBF ZC_5 GY_University ZC_6 GY_Complaint ZC_7 GY_Tire Adjustment
Example IC Agent/Service Professional who is responsible for the Case IC Agent/Service Professional who is responsible for the Case IC Agent/Service Professional who is responsible for the Case IC Agent/Service Professional who is responsible for the Case IC Agent/Service Professional who is responsible for the Case IC Agent/Service Professional who is responsible for the Case IC Agent/Service Professional who is responsible for the Case IC Agent/Service Professional who will process the Case IC Agent/Service Professional who is responsible for the Case
Responsible
Responsible
Responsible
Responsible Responsible
Confidential
Page 6
3. ACE Customizing
3.1. General Parameter Settings
Path: SPRO CRM Basic Functions Access Control Engine Maintain General Parameters
Table 2: Table of ACE Parameter Settings
Parameter Value
Description Mark X to deactivate ACE Leave blank to activate ACE New Objects Cache are deleted at 0 second
Confidential
Page 7
Confidential
Page 8
S
Figure 6: Screenshot of ACE Rule
Confidential
Page 9
User Group consists of user assignment either as single users, or as members of a role, or as members of another user group.
Both assists ACE to identify which user is ACE active and rules selected. Path: SPRO CRM Basic Functions Access Control Engine Create Right
Confidential
Page 10
JOB Name Transaction Code Job Name ABAP Program Event ID Parameter Periodic Jobs
Confidential
Page 11
4. ACE Maintenance
4.1. Activate/Deactivate ACE
ACE can only be active if user group in a work package and the right are activated. If ACE were to be permanently stopped, Right must be deactivated before Work Package is deactivated. Changes on existing ACE Rule or ACE User Groups require reactivation on Work Package in order to take effect. Path: SPRO CRM Basic Functions Access Control Engine Activate/Deactivate Work Packages and Rights
Confidential
Page 12
Activating an ACE User Group and Right will trigger ACE rule to calculate the accessible object. It is required to be manually triggered if: new ACE rule is added; existing ACE rule is amended; user table in section 5.1 is updated.
Confidential
Page 13
Confidential
Page 14
Confidential
Page 15
Confidential
Page 16
5. ACE Enhancement
During Rule creation, each rule requires an ACE class in order to perform the search filtering Criteria and mapping of User and Object via Actor from a customer table.
In this section, all the necessary information to create a Transactional Database is shown in table format.
Confidential
Page 17
5.1.1.
Data Elements
Data Element is declared for user name which will be used in Database table.
Table 5: Data Elements
No. Characters 12 12 12 12
5.1.2.
Database Tables
Table below shows the Database Maintenance and the Field Name.
Table 6: Database Table Maintenance
Table Maintenance Delivery Class Data Class Size Category Function Group Maintenance Screen type
Table 7: Database Fields
ZGY_ACE_IC_ORG Key Initial Data Element X X X X X X X X X X MANDT ZUNAME3 ZUNAME2 ZUNAME1 ZUNAME0
Confidential
Page 18
Function Module: ZGY_ACE_CASE_SR This function module filters for Goodyear Cases onyl.
FUNCTION zgy_ace_case_sr. *"---------------------------------------------------------------------*"*"Local Interface: *" CHANGING *" REFERENCE(EX_OBJECT_GUID_TABLE) TYPE CRMT_ACE_OBJECT_GUID *" OPTIONAL *"---------------------------------------------------------------------DATA: BEGIN OF ty_case_type, case_type TYPE scmgcase_type, END OF ty_case_type. DATA: lt_case_type LIKE STANDARD TABLE OF ty_case_type, lt_case_guids TYPE scmg_tt_case_guid, ls_ace_guid LIKE LINE OF ex_object_guid_table.
Confidential
Page 19
FIELD-SYMBOLS: <fs_guid> LIKE LINE OF lt_case_guids. CLEAR ex_object_guid_table. * create a range to select Custom Case Type RANGES: s_casetype FOR scmg_t_case_attr-case_type. s_casetype-sign = 'I'. s_casetype-option = 'GE'. s_casetype-low = 'Z'. APPEND s_casetype. * select all the case SELECT case_guid FROM scmg_t_case_attr INTO TABLE lt_case_guids WHERE case_type IN s_casetype AND ( processor <> '' OR responsible <> '' ). LOOP AT lt_case_guids ASSIGNING <fs_guid>. ls_ace_guid-object_guid = <fs_guid>. APPEND ls_ace_guid TO ex_object_guid_table. ENDLOOP. ENDFUNCTION.
Confidential
Page 20
5.3.2.
This method prepares the related partner functions which are needed to map Actors to Objects.
METHOD if_crm_ace_actors_from_object~get_actors_from_objects. TYPES: BEGIN OF ty_case, case_guid TYPE scmg_case_guid, END OF ty_case. DATA: ls_objects TYPE ty_case, lt_objects TYPE TABLE OF ty_case. DATA: ls_object_actor lt_case ls_actor lt_actor ls_failed_object TYPE TYPE TYPE TYPE TYPE crms_ace_object_actors, TABLE OF scmg_t_case_attr, crms_ace_actor_id, crmt_ace_actor_id, crms_ace_object_guid. TYPE crms_ace_object_guid, TYPE scmg_t_case_attr.
* convert guid 16 to guid 32 LOOP AT it_object_guids ASSIGNING <fs_object>. ls_objects-case_guid = <fs_object>-object_guid. APPEND ls_objects TO lt_objects. ENDLOOP. * read processor and person responsible of case SELECT case_guid ext_key processor responsible FROM scmg_t_case_attr INTO CORRESPONDING FIELDS OF TABLE lt_case FOR ALL ENTRIES IN lt_objects WHERE case_guid = lt_objects-case_guid. LOOP AT lt_case ASSIGNING <fs_case>. REFRESH lt_actor. IF <fs_case>-responsible IS NOT INITIAL. APPEND <fs_case>-responsible TO lt_actor. ENDIF. IF <fs_case>-processor IS NOT INITIAL. APPEND <fs_case>-processor TO lt_actor. ENDIF. IF NOT lt_actor IS INITIAL. DELETE ADJACENT DUPLICATES FROM lt_actor COMPARING actor_id. CALL FUNCTION 'ZGY_ACE_READ_ORG_USER'
Confidential
Page 21
CHANGING ct_actor_id = lt_actor. IF NOT lt_actor IS INITIAL. CLEAR ls_object_actor. ls_object_actor-object_guid = <fs_case>-case_guid. ls_object_actor-actors = lt_actor. APPEND ls_object_actor TO et_actor_ids. ELSE. CLEAR ls_failed_object. ls_failed_object-object_guid = <fs_case>-case_guid. APPEND ls_failed_object TO et_failed_objects. ENDIF. ENDIF. ENDLOOP. ENDMETHOD.
Function Module: ZGY_ACE_READ_ORG_USER This function module reads users in Section 5.1 who is allowed to view and process the case.
FUNCTION zgy_ace_read_org_user. *"---------------------------------------------------------------------*"*"Local Interface: *" CHANGING *" REFERENCE(CT_ACTOR_ID) TYPE CRMT_ACE_ACTOR_ID OPTIONAL *"---------------------------------------------------------------------DATA: ls_itab lt_itab TYPE zgy_ace_ic_org, TYPE TABLE OF zgy_ace_ic_org.
DATA: ls_actor_id TYPE crms_ace_actor_id, lt_actor_id TYPE crmt_ace_actor_id. CHECK ct_actor_id IS NOT INITIAL. lt_actor_id = ct_actor_id. REFRESH: lt_itab, ct_actor_id. LOOP AT lt_actor_id INTO ls_actor_id. CLEAR ls_itab. REFRESH lt_itab. SELECT * FROM zgy_ace_ic_org INTO TABLE lt_itab WHERE level3 = ls_actor_idactor_id. IF sy-subrc = 0. * convert 3rd level user name to BP guid * read level 2 that related to level 3 users CLEAR ls_itab. LOOP AT lt_itab INTO ls_itab.
Confidential
Page 22
APPEND ls_itab-level2 TO ct_actor_id. APPEND ls_itab-level1 TO ct_actor_id. APPEND ls_itab-level0 TO ct_actor_id. ENDLOOP. APPEND ls_itab-level3 TO ct_actor_id. ELSE. * 3rd level user not found * look up user name in 2nd level CLEAR ls_itab. REFRESH lt_itab. SELECT * FROM zgy_ace_ic_org INTO TABLE lt_itab WHERE level2 = ls_actor_id-actor_id. IF sy-subrc = 0. " append level 3 user names to itab LOOP AT lt_itab INTO ls_itab. APPEND ls_itab-level1 TO ct_actor_id. APPEND ls_itab-level0 TO ct_actor_id. ENDLOOP. APPEND ls_itab-level2 TO ct_actor_id. ELSE. * 2nd level user not found * look up user name in 1st level SELECT * FROM zgy_ace_ic_org INTO TABLE lt_itab WHERE level1 = ls_actor_id-actor_id. IF sy-subrc = 0. APPEND ls_itab-level1 TO ct_actor_id. LOOP AT lt_itab INTO ls_itab. APPEND ls_itab-level0 TO ct_actor_id. ENDLOOP. ELSE. * 1st level user not found * look up user name in level 0 SELECT SINGLE * FROM zgy_ace_ic_org INTO ls_itab WHERE level0 = ls_actor_idactor_id. IF sy-subrc = 0. APPEND ls_itab-level0 TO ct_actor_id. ENDIF. ENDIF. ENDIF. ENDIF. ENDLOOP. SORT ct_actor_id BY actor_id ASCENDING. DELETE ADJACENT DUPLICATES FROM ct_actor_id. DELETE ct_actor_id WHERE actor_id = ''. ENDFUNCTION.
Confidential
Page 23
6. Appendix
Confidential
Page 24