At first glance, your process seems to be correct; can't see any obvious reason why it doesn't work without BI_ALL.
What i can say is that adding BI_ALL is not the solution, as it will nullify the process of ZCOMP, granting all authorizations on all objects that are authorization relevant.
One tip: did you try transaction RSUDO? It allows you to run a query as a certain user via RSRT and give you a log af the authorization checks if there was an error. Will hopefully give you more info on why it fails without 0BI_ALL