AnsweredAssumed Answered

How to apply SoD rule on SAP finest grains ?

Question asked by Baptiste DELIGNY on Feb 6, 2017
Latest reply on Feb 7, 2017 by Baptiste DELIGNY


I am looking for a way to collect all the elements of the SAP permissions chain :

  • Transaction
  • Transaction code
  • Object
  • Object Field
  • Object Field's Value


You will find, attached to this post, a schematic of the SAP data model I am talking about.



In order to apply SoD rules on the Object Field's Value.

Did someone ever do it ?


We were thinking of this mapping :

  • Transaction Code = > Application Role
  • Object = > entitlements
  • Object fields & object field's values => custom entitlement's attributes

But since we do not know in advance how many object Fields an object has, nor how many  values it contains, this seems inefficient.


How do you recommend we use, or expand, the RSA data model to store these informations ?


Thank you for your time and response,

Kind Regards,


Baptiste Deligny