SAP Basis critical object : S_SPO_ACT

Definition Authorization to perform actions on spool requests protected with authorization character strings. Use in the system: Only checked if the explicit or implicit value in the authorization attribute field of a spool request is not the same as the user ID of the user accessing it. The authorization is not checked if users access their own unprotected spool requests. Examples: Authorization is checked when users attempt to access the spool request of another user. Authorization is not checked if users attempt to delete their own spool request, and the authorization field in the spool request is either initial or contains the user's ID. The authorization is, therefore, mainly of interest for users who administer spool requests in the output controller. These users must access the spool requests of other users. This requires a S_SPO_ACT (spool: actions) authorization, in addition to the spool administration authorization (S_ADMI_FCD, system functions).

Defined fields

This object consists of the following fields: o Authorization field for spool actions: Operations permitted on protected spool requests. Possible values: o BASE: Check protected spool request in the output controller (determine whether the spool request exists); display request attributes o DISP: Display contents of a protected spool request o ATTR: Change attributes of protected spool request o AUTH: Change authorization value of a protected spool request o PRNT: Output protected request for the first time o REPR: Output protected spool request more than once o REDI: Redirect to another printer (of the same type). The printer should be the same device type. If used with ATTR, redirection to a different type of printer is permitted. o DELE: Manually delete request o USER: Change the owner o SEND: Send a request using SAPoffice o DOWN: Download a request o Value for the authorization check: Authorization value,for which the user is authorized. The authorization value is set in the attributes of the spool request. A user is permitted to perform a spool action if the value stored for this action in the user master matches the value in the authorization field in the spool request. If no value is specified in the authorization field of the spool request, all actions are permitted. An authorization key can be entered at the time a spool request is created, for example when a user selects Print. If no value is specified, the spool system automatically uses the ID of the user A user is always authorized for his or her own user ID and no authorization check takes place in this case. This means that a user can access his or her own spool requests without restriction unless an authorization key is entered that does not match the user ID. Users with the authorization value __USER__ can access all unprotected requests for all users in the client according to the authorized action. This authorization value is pre-defined and has the special meaning described. It can no longer be used for other purposes. Examples With this authorization, a user can reprint all requests with an authorization value beginning with FI. Field Value Authorization field for REPR spool actions Value for FI* authorization check

Dependencies

An additional authorization for S_SPO_DEV (spool: device authorizations) for at least one printer is always required for the physical output of a spool request.



SAP Basis Critical Object : S_SPO_DEV Definition Authorization to use a specific printer or other output device. Defined fields The object consists of the field Spool: Output device. In this field, enter the SAP names of the output devices for which a user is to be authorized. Example The value "LT*" authorizes a user to use all printers with beginning with "LT" in spool administration.