| Status | |
|---|---|
| Owner | BIDALIA-ext, Kuldeep |
| Stakeholders | |
| Jira Request ID | |
| Jira Development ID |
High- Level Specification
| Parameter | Value |
|---|---|
| Application System | S/4Hana ROW, S/4Hana China, S/4Hana CUI |
| Business Process Reference | 10.02.01.01. Manage Project/WBS Changes 10.01.03.01. Manage Initiatives and Items |
Functional Overview
Standard fields "Person Responsible No." and "Applicant No." are utilized in Project Definition and Work Breakdown Structure (WBS) elements of a project to track accountability and facilitate project-related notifications & workflows. Given that standard fields are maintained through manual configuration. In Syway design , it is intended to use Position numbers in this table based on the roles assigned. This means-
- HR positions assigned to specific Security Roles via SAP User IDs will be designated as the responsible entities at the PPM Item, Project Definition and WBS element levels.
- It supports organizational continuity, as responsibilities are tied to HR Position rather than individuals- reducing the need for manual updates when personnel changes occur.
Scope and Objectives
Scope- This enhancement defines a scheduled batch job that extracts HR positions based on their Security Role assignment and updates-
- Person Responsible No. Table: Populated with positions linked to TCJ04 specific security roles i.e. ‘Person Responsible - Project’, ‘Person Responsible - WBS’
- Applicant No. Table: Populated with positions linked to TCJ05 specific security role/s i.e. ‘Project Financial Controller’.
Objective- The key objective is to auto populate the Person Responsible and Applicant tables with relevant Positions based on relevant Security Roles.
Process steps are-
Step | Description | Comment |
|---|---|---|
| 1 | Assign Security Role to SAP User ID | Assign TCJ04 specific security Roles e.g. ‘Person Responsible - Project’ OR ‘Person Responsible - WBS’ OR TCJ05 specific security Role/s 'Project Financial Controller' to SAP User ID/s |
| 2 | Assign SAP User ID to a HR Position | SAP User ID assigned to existing active HR Position |
| 3 | Execute Batch Job manually | Position will be derived based upon the defined Security Role assignment to the SAP User ID. Person Responsible No. or Applicant No. table will be appended as-
|
| 4 | Check Positions available in Project Definition and WBS elements | Open a project and select project definition/ WBS element- If Security Roles ‘Person Responsible - Project’ OR ‘Person Responsible - WBS’ is assigned to the Position via SAP User ID then search the Position in the Person Responsible No. field. If Security Role ‘Project Financial Controller’ is assigned to the Position via SAP User ID then search the Position in the Applicant No. field. |
| 5 | Check Positions available in the PPM Item | Open an PPM Item- If Security Roles ‘Person Responsible - Project’ OR ‘Person Responsible - WBS’ is assigned to the Position via SAP User ID then search the Position in the Project Owner field. If Security Role ‘Project Financial Controller’ is assigned to the Position via SAP User ID then search the Position in the Project Financial Controller field. |
Assumptions
- The system will have predefined and stable Security Role. TCJ04 specific security roles i.e. ‘Person Responsible – Project’, ‘Person Responsible – WBS’, and TCJ05 specific security role/s i.e. ‘Project Financial Controller’ are expected to be consistently active. These Security Role name could vary based on Syensqo's nomenclature standards.
- One Position will be assigned to a single user.
- HR positions do not have direct security role assignments.
- HR position master data will be will replicated in S/4 as HR mini-master
Dependencies
- HR mini master data must be replicated and kept current in SAP S/4HANA. Positions must be assigned to relevant Personnel Nos.
- Table structures for Person Responsible No. and Applicant No. must allow maintenance via Batch Job without creating Transport Request.
- Given that HR Position is Tier-1 master data, they will be replicated across all instances along with its associated infotypes.
- An interface will be developed to replicate entries from the Person Responsible and Applicant tables into all instances tables.
Security, Integrity and Controls
- Authorization Checks: Batch job runs under a technical user with write access to Person Responsible No. and Applicant No. tables.
Configuration Requirements
N/A
Language Requirements
N/A
Special Requirements
N/A
Design Rationale
Functional Requirements
The proposed batch job must fulfill functional requirement to ensure accurate, Security Role based HR Positions via SAP User ID are available and extracted for the project governance.
Once extracted, the batch logic must filter positions based on Security Role: positions linked to "Person Responsible- Project", "Person Responsible- WBS" Security Roles must be inserted or updated in the Person Responsible table, while those linked to the Project Financial Controller Security Role must populate the Applicant table.
Additionally, the batch job must record every update, capturing metadata such as the timestamp and whether a record was added, modified, or deleted, to ensure audit traceability.
Note : Alternatively, Find the Jobs assigned to the role and find the corresponding position of the jobs. ( logic to be determined post HR and Security role design)
Proposed Technology to Use
N/A
Data Source Considerations
N/A
| Table | Field Name | Comments/Calculation/Field Manipulation |
|---|---|---|
| HRP1001 | OBJID | Field for picking Personnel No. (OTYPE = P) and Position (OTYPE = S) |
| AGR_USERS | UNAME | Source for SAP User ID based on Security Roles |
| HRP1000 | MC_STEXT | Source for Position Text |
Data Validation Considerations
- Data Validation: Position IDs are validated for active status before update.
| Table | Field Name | Comments/Calculation/Field Manipulation |
|---|---|---|
| HRP1001 | BEGDA | The system date must be on or after the start date |
| HRP1001 | ENDDA | The system date must be earlier than the end date |
| HRP1014 | REDUN | Obsolete indicator must not be assigned to the Position |
Custom Tables
N/A
Master Data
N/A
| Field | Description | Data Type/Length | Validation rule/ Value Help |
|---|---|---|---|
Configuration Table
Configuration tables TCJ04 (for Person Responsible No.) and TCJ05 (Applicant No.) will be maintained via Batch Job without creating Transport Request.
| Field | Description | Data Type/Length | Validation rule/ Value Help |
|---|---|---|---|
| Pers.Resp.No. | NUMC/ 8 | Filled by derived Position IDs | |
| TCJ05-ASTNR | Applicant no. | NUMC/ 8 | Filled by derived Position IDs |
Selection Screen Enhancement
| Field Name | Description | Select: Option or Parameter Check box or Radio button Import or Export | Data Type/Length | Default Value/ Validation rule/ Value Help | Selection Logic |
|---|---|---|---|---|---|
| AGR_NAME | Person Responsible Roles | Parameter | CHAR/ 30 | TCJ04 specific security roles- Person Responsible- Project Person Responsible- WBS | Multiple Roles can be selected |
| AGR_NAME | Applicant Roles | Parameter | CHAR/ 30 | TCJ05 specific security role/s- Project Financial Controller | Multiple Roles can be selected |
Processing Logic
This enhancement is initiated through a daily batch job to ensure that Job based positions are consistently maintained within the TCJ04 & TCJ05 tables, sequence is-
- Identify Person Responsible Positions
Pick all active Positions based on Person Responsible Roles or TCJ04 specific security roles-
a. Pass the roles defined in the "Person Responsible Roles" in the selection to the field AGR_USERS-AGR_NAME, and retrieve all SAP users (AGR_USERS-UNAME) whose validity period is active i.e., the current date falls between the latest start date (AGR_USERS-FROM_DAT) and end date (AGR_USERS-TO_DAT).
b. Retrieve the User ID and determine the active Personnel Number from table PA0105. Pass the User ID to field PA0105-USRID where PA0105-USRTY = 0001.
Ensure that the Personnel Number is active, i.e., the current date falls within the validity period defined by start date (PA0105-BEGDA) and end date (PA0105-ENDDA). Finally, and select the Personnel Numbers from field PA0105-PERNR.
c. Pass the Personal nos. to HRP1001-OBJID to get the active Position. Pass below information to HRP1001 to pick active position i.e. HRP1001-SOBID
OTYPE = P
OBJID = Personnel No.
PLVAR = 01
RSIGN = 008
Current date between Latest Start (BEGDA) and End date (ENDDA) to ensure Person to Position mapping is active
SCLAS = S
Pick SOBID
Pass the selected position to table HRP1014 and verify that the obsolete check is inactive i.e., field REDUN is blank or no corresponding record exists in HRP1014. Ignore Position if entry found.
d. Pick Position description from HRP1000- where
OTYPE= S
OBJID= Position no.
Current date between Latest Start (BEGDA) and End date (ENDDA) to ensure Person to Position mapping is active
Pick MC_STEXT
List of Position IDs with Description will be collected, remove the duplicate entries if found.
2. Identify Applicant Positions
Pick all active Positions based on Applicant Roles or TCJ05 specific Security Role/s-
- Follow same steps as above for TCJ05 specific Security Role/s and collect Position IDs with Description.
Note for step 1 & 2 : Alternatively, Find the Jobs assigned to the role and find the corresponding position of the jobs. ( logic to be determined post HR and Security role design)
3. Update Tables TCJ04 and TCJ05-
- New Position added
- Person Responsible table
For TCJ04 specific Security Roles, Compare TCJ04 table entry with Step-1 data.
If new Positions are found in Step-1 data, then insert them as new Records in TCJ04 i.e. Position in VERNR and respective Position text in VERNA.
- Applicant table
For TCJ05 specific Security Role/s, Compare TCJ05 table entry with Step-2 data.
If new Positions are found in Step-1 data, then insert them as new Records in TCJ05 i.e. Position in ASTNR and respective Position text in ASTNA.
- Existing Position Name changed
- Person Responsible table
For TCJ04 specific Security Roles, Compare TCJ04 table's data with Step-1 data.
If same Positions are found in both the tables, then update each Position text i.e. TCJ04-VERNA.
- Applicant table
For Job i.e. HRP1001-SOBID = "TCJ05 specific Security Role/s", Compare TCJ05 table's data with Step-2 data.
If same Positions are found in both the tables, then update each Position text i.e. TCJ05-ASTNA.
- Delete- If the Position is inactive, Role is no longer assigned or Position not in validity date
Get list of Positions from TCJ04 & TCJ05 tables and pass to HRP1000 to check inactive positions-
OTYPE = S
OBJID = Position
ENDDA is before system date
Also, get list of Positions from TCJ04 & TCJ05 tables and pass to HRP1014 to get obsolete positions-
OTYPE = S
OBJID = Position
REDUN = X
Collect all positions from above steps and delete the records from respective TCJ04 & TCJ05 tables.
Volumetrics
N/A
Performance Considerations
N/A
Error Handling
The batch job log must display added and deleted positions from both TCJ04 and TCJ05 tables.
Testing
How to Test
Specific HR positions are required, and these positions are associated with SAP User IDs to which defined security roles are assigned.
Test Conditions and Expected Results
| ID | Condition | Expected Result |
|---|---|---|
| 1 | Valid new Position assigned to SAP User ID having security role "Person Responsible- Project" or "Person Responsible- WBS" | Entry in Person Responsible table will be maintained after executing batch job manually. Open a project, new Position will appear in the Person Responsible field of Project Definition and WBS Element. |
| 2 | Valid new Position assigned to SAP User ID having security role "Project Financial Controller" | Entry in Applicant table will be maintained after executing batch job manually. Open a project, new Position will appear in the Applicant No. field of Project Definition and WBS Element. |
| 3 | Security Role to SAP User ID i.e. defined roles of Person Responsible and Applicant are not assigned | No update in OPS6 or OPS7 after executing batch job manually |
| 4 | Change existing Position Description which is already maintained in either t-code OPS6 or OPS7 | Position text will be updated after executing batch job manually. Open a project, Position updated text will appear in the Person Responsible search field of Project Definition and WBS Element. |
| 5 | Position with mixed jobs i.e. "Person Responsible- Project"/ "Person Responsible- WBS" and "Project Financial Controller" | Batch job will process and TCJ04 & TCJ05 tables will be maintained for the same record. |
| 6 | Position with mixed jobs i.e. "Person Responsible- Project" and "Person Responsible- WBS" | Batch job will process and TCJ04 table will be maintained. |
| 7 | The position is inactive, or its validity period has already expired | Position will be deleted from OPS6 or OPS7 after batch job execution. When a project is opened that still references an inactive or expired position, the position will continue to display against the Project Definition and WBS element without triggering any error. If necessary, the position can be overwritten. |
Test Considerations/Dependencies
- The H2R team to allocate 5 positions assigned to some Personnel nos. (with SAP User IDs provided by the Security team) to support the execution of the various tests outlined above.
The Security team to share few SAP User IDs reflecting assignments to the roles "Person Responsible – Project", "Person Responsible – WBS", and "Project Financial Controller", in varying combinations for test validation.
Other Information
N/A
Development Details
Package
| Package Name | Parent Package |
|---|---|
Enhancement Implementation
| Enhancement Type | Standard Definition Name | Custom Implementation Name | Design Rationale Reference |
|---|---|---|---|
Other Development Objects
| Object Type | Object Name | Purpose/High Level Logic | Design Rationale Reference |
|---|---|---|---|
Appendix
Custom Authorization Group Naming Convention
This table is based on the Syensqo development standards document. It provides the naming conventions for authorization groups to associated with custom reports and tables to comply with security requirements.
ABAP | ZFI | ZMM | ZPS | ZCO | ZSD | ZBC | ZFI | ZCA |
|---|---|---|---|---|---|---|---|---|
| TABLES | ZFIT | ZMMT | ZPST | ZCOT | ZSDT | ZBCT | ZFIT | ZCAT |
See also
Insert links and references to other documents which are relevant when trying to understand this decision and its implications. Other decisions are often impacted, so it's good to list them here with links. Attachments are also possible but dangerous as they are static documents and not updated by their authors.
