You can use two methods to ensure security for the InfoSet (Ad Hoc) Query tool and the QuickViewer tool: query groups and roles. The following sections describe these two methods.
Using Query Groups to Provide Security for the InfoSet (Ad Hoc) Query and QuickViewer Tools
You control access rights to the InfoSet (Ad Hoc) Query and QuickViewer tools by using query groups exactly the same way as you do with the SAP Query tool, as described earlier in this chapter, in the section "Using Query Groups to Provide Security for the SAP Query Tool."
Using Roles to Provide Security for the InfoSet (Ad Hoc) Query and QuickViewer Tools
Exactly one query group (with InfoSets assigned) must be assigned to a role. It is not required to enter or select individual usernames in the query group, because they are assigned in the role assignment. This means that a user who is assigned to a role is automatically copied into the query group assigned to the role. This assignment functions only when the user uses the role to navigate to (that is, call) the InfoSet (Ad Hoc) Query or QuickViewer tools. If the InfoSet (Ad Hoc) Query or QuickViewer tools are accessed via another method, the traditional access authorization implemented using SAP query groups is applicable. For a user to be able to save InfoSet queries or QuickViews, he or she needs authorization object S_QUERY, with the field ACTVT set to 02. If the user does not have this authorization, he or she can execute the available InfoSets and queries within the role, but he or she cannot save queries.