• 1.  Approvers and Package Creates

    Posted 09-04-2014 10:53 AM

    Is there a fairly easy way to restrict users within an Approver Group from having the ability to create packages? THANKS

  • 2.  Re: Approvers and Package Creates
    Best Answer

    Posted 09-05-2014 03:48 AM

    Hi Dan,

    as an organisational solution (1) you could (let) check and adapt the permissions of a user, when his userid is added to an approver-group. An alternative with only nearly the same effect, (2) you could use Exit-7, when PECBSFCD equal to 2,3,4,5, and do a RACROUTE REQUEST=AUTH to check if the user has permission to approve packages and then deny the package-action in exit-7.

    If your intention is to enforce the four-eyes-principle, (3) you could use exit-7 PRCBSFCD equal 0 (approve-action) and check and deny this package-action, if the userid is the same as userid of cast and/or creation etc.



  • 3.  Re: Approvers and Package Creates

    Posted 09-06-2014 04:41 PM


    If you define the Package area of the BC1TNEQU table and if you have the ESI feature then YES you restrict users that approve packages from creating a package.

    This eliminates the need for an EXIT.



  • 4.  Re: Approvers and Package Creates

    Posted 09-09-2014 04:32 PM

    Thank you all for the feeback. We just activated ESI at our site last month so we will pursue this option.