A guide on setting up user status security for Plant Maintenance is now posted. Though B_USERSTAT is used universally across modules, it used in the PM module. Statuses can be controlled on equipment, work orders, notifications, etc.
The B_USERSTAT authorization object is the primary authorization object that is used to control access to the statuses.
Activity – This field has only two options. A value of 01 allows for the setting of a status and a value of 06 is to delete/remove the status. The removing of status authorization applies mainly to non-sequential user statuses (where check boxes are used). In sequential user statuses, the selection of another status does not call an authorization check on activity 06 on the deselected status. It will only call an authorization check for activity 01 for the new status selected and if it is allowed.
Authorization Key – This will give the user access to the specified authorization key. Values here correspond to table TJ10. Authorizations are used to restrict user statuses in the status profiles (table TJ30). Some authorization keys are never configured into our Security rules. This is usually done when statuses are never to be changed or done solely by an interface.
Object Category – Depending on the where the status profile is used, the above example only gives the user access to status profiles that are associated with maintenance orders (ORI). Some statuses may be used in multiple object categories. You can look up which object categories the status profile may be used in table TJ21.
Status Profile – This field allows access to specified status profiles. If the user does not have access to the status profile, the user will not be able to set the status whether or not an auth key is assigned to the user status or not.